Candidate: CVE-2010-4183
PublicDate: 2010-11-05 17:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4183
Description:
 Multiple cross-site scripting (XSS) vulnerabilities in HTML Purifier before
 4.1.0, when Internet Explorer is used, allow remote attackers to inject
 arbitrary web script or HTML via a crafted (1) background-image, (2)
 background, or (3) font-family Cascading Style Sheets (CSS) property, a
 different vulnerability than CVE-2010-2479.
Ubuntu-Description:
Notes:
Bugs:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS: 

Patches_php-htmlpurifier:
upstream_php-htmlpurifier: released (4.1.1, 4.2.0)
dapper_php-htmlpurifier: DNE
hardy_php-htmlpurifier: DNE
karmic_php-htmlpurifier: ignored (reached end-of-life)
lucid_php-htmlpurifier: ignored (reached end-of-life)
maverick_php-htmlpurifier: not-affected (4.1.1+dfsg1-1)
natty_php-htmlpurifier: not-affected (4.2.0+dfsg1-1)
oneiric_php-htmlpurifier: not-affected (4.2.0+dfsg1-1)
precise_php-htmlpurifier: not-affected (4.2.0+dfsg1-1)
quantal_php-htmlpurifier: not-affected (4.2.0+dfsg1-1)
raring_php-htmlpurifier: not-affected (4.2.0+dfsg1-1)
saucy_php-htmlpurifier: not-affected (4.2.0+dfsg1-1)
devel_php-htmlpurifier: not-affected (4.2.0+dfsg1-1)