WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, does not properly restrict read access to images derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive image data via a crafted web site.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2010-09-07T17:00:00

Updated: 2024-08-07T03:03:18.863Z

Reserved: 2010-09-07T00:00:00

Link: CVE-2010-3259

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2010-09-07T18:00:03.043

Modified: 2020-08-04T19:45:10.683

Link: CVE-2010-3259

cve-icon Redhat

Severity : Moderate

Publid Date: 2010-09-02T00:00:00Z

Links: CVE-2010-3259 - Bugzilla