CVE

Id
46394  
CVE No.
CVE-2010-3810  
Status
Candidate  
Description
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly handle the History object, which allows remote attackers to spoof the location bar"s URL or add URLs to the history via a cross-origin attack.  
Phase
Assigned (20101007)  
Votes
None (candidate not yet proposed)  
Comments