Vulnerabilities > CVE-2005-0341 - Cross-Site Scripting vulnerability in Apple Safari 1.2.4
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE network
apple
Summary
Apple Safari 1.2.4 does not obey the Content-type field in the HTTP header and renders text as HTML, which allows remote attackers to inject arbitrary web script or HTML and perform cross-site scripting (XSS) attacks.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |