loader/DocumentThreadableLoader.cpp in the XMLHttpRequest implementation in WebCore in WebKit before r58409 does not properly handle credentials during a cross-origin synchronous request, which has unspecified impact and remote attack vectors, aka rdar problem 7905150.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: apple
Published: 2010-08-19T20:00:00
Updated: 2010-11-03T09:00:00
Reserved: 2010-05-06T00:00:00
Link: CVE-2010-1760
JSON object: View
NVD Information
Status : Modified
Published: 2010-08-19T22:00:01.827
Modified: 2011-03-18T02:49:36.853
Link: CVE-2010-1760
JSON object: View
Redhat Information
No data.
CWE