Upstream information

CVE-2011-1774 at MITRE

Description

WebKit in Apple Safari before 5.0.6 has improper libxslt security settings, which allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via a crafted web site. NOTE: this may overlap CVE-2011-1425.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having important severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 8.8
Vector AV:N/AC:M/Au:N/C:N/I:C/A:C
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact None
Integrity Impact Complete
Availability Impact Complete
SUSE Bugzilla entry: 692619 [RESOLVED / WONTFIX]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Software Development Kit 11 SP4
  • libwebkit-1_0-2 >= 1.2.7-0.17.1
  • libwebkit-devel >= 1.2.7-0.17.1
  • libwebkit-lang >= 1.2.7-0.17.1