WebKit SVG Cross-site Scripting Vulnerability
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows and before 4.1 on Mac OS X 10.4 does not properly restrict the reading of a canvas that contains an SVG image pattern from a different web site which allows remote attackers to read images from other sites via a crafted canvas related to a "cross-site image capture issue."
- Microsoft Windows Server 2003
- Microsoft Windows 7
- Microsoft Windows XP
- Microsoft Windows Vista
- Microsoft Windows Server 2008
- Apple Safari