CVE-2010-3813

Published: 22 November 2010

The WebCore::HTMLLinkElement::process function in WebCore/html/HTMLLinkElement.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products does not verify whether DNS prefetching is enabled when processing an HTML LINK element, which allows remote attackers to bypass intended access restrictions, as demonstrated by an HTML e-mail message that uses a LINK element for X-Confirm-Reading-To functionality.

Priority

Medium

Status

Package Release Status
qt4-x11
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable
(webkit isn't built)
Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(webkit isn't built)
qtwebkit-source
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 16.04 ESM (Xenial Xerus) Ignored
(no update available)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored [no update available])
webkit
Launchpad, Ubuntu, Debian
Upstream
Released (1.2.6)
Ubuntu 16.04 ESM (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

webkitgtk
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable
(2.4.9-2ubuntu2)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [2.4.8-1ubuntu1~ubuntu14.04.1])

Notes

AuthorNote
jdstrand
qt4-x11 unmaintained upstream (see README.webkit for details)

References