WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, does not properly restrict read access to images derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive image data via a crafted web site.
AV:N/AC:M/Au:N/C:P/I:N/A:N
07/09/2010
by Apple
22 days ago
by Google
a month ago
by Webkitgtk
6 months ago
by Apple
22 days ago
by Canonical
3 months ago