CVE-2009-2200
CVE-2009-2200 · HIGH Severity
AV:N/AC:M/AU:N/C:C/I:N/A:N
WebKit in Apple Safari before 4.0.3 does not properly restrict the URL scheme of the pluginspage attribute of an EMBED element, which allows user-assisted remote attackers to launch arbitrary file: URLs and obtain sensitive information via a crafted HTML document.
Learn more about our Cis Benchmark Audit For Safari Browser.