Description
Apple Safari allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets[0].href property value.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Cesar Cerrudo · textremotewindows
https://www.exploit-db.com/exploits/33563
References (6)
Core 6
Core References
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2011:039
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/2722
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1006-1
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/41856
Exploit x_refsource_misc
http://nomoreroot.blogspot.com/2010/01/little-bug-in-safari-and-google-chrome.html
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0552
Scores
EPSS
0.0785
EPSS Percentile
92.0%
Details
Status
published
Products (1)
apple/safari
Published
Jan 14, 2010
Tracked Since
Feb 18, 2026