Vulnerabilities

CVE-2011-3218

by Fred · 14/10/2011

The "Save for Web" selection in QuickTime Player in Apple Mac OS X through 10.6.8 exports HTML documents that contain an http link to a script file, which allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks by spoofing the http server during local viewing of an exported document.

Date published : 2011-10-14

http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html

http://www.securityfocus.com/bid/50085

Similar

Tags: Cybersecurity Alert