Candidate: CVE-2009-1710
PublicDate: 2009-06-10 18:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1710
Description:
 WebKit in Apple Safari before 4.0 allows remote attackers to spoof the
 browser's display of (1) the host name, (2) security indicators, and
 unspecified other UI elements via a custom cursor in conjunction with a
 modified CSS3 hotspot property.
Ubuntu-Description:
Notes:
 jdstrand> webkit is a fork of khtml from kdelibs. kdelibs5 is farther from
  it, while qt4-x11 attempts to unify khtml and webkit
 mdeslaur> code does not appear present in kde4libs
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=535793
Priority: low
Discovered-by:
Assigned-to: micahg
CVSS: 

Patches_webkit:
 upstream: http://trac.webkit.org/changeset/35157
upstream_webkit: needs-triage
dapper_webkit: DNE
hardy_webkit: ignored (reached end-of-life)
intrepid_webkit: needed (reached end-of-life)
jaunty_webkit: ignored (reached end-of-life)
karmic_webkit: not-affected (1.1.12-1ubuntu1)
lucid_webkit: not-affected (1.1.12-1ubuntu1)
maverick_webkit: not-affected (1.1.12-1ubuntu1)
natty_webkit: not-affected (1.1.12-1ubuntu1)
devel_webkit: not-affected (1.1.12-1ubuntu1)

Patches_qt4-x11:
upstream_qt4-x11: needs-triage
dapper_qt4-x11: not-affected (no webkit)
hardy_qt4-x11: not-affected (no webkit)
intrepid_qt4-x11: needed (reached end-of-life)
jaunty_qt4-x11: not-affected (4.5.0-0ubuntu4.2)
karmic_qt4-x11: not-affected (4.5.2-0ubuntu5)
lucid_qt4-x11: not-affected (4.5.2-0ubuntu5)
maverick_qt4-x11: not-affected (4.5.2-0ubuntu5)
natty_qt4-x11: not-affected (4.5.2-0ubuntu5)
devel_qt4-x11: not-affected (4.5.2-0ubuntu5)