Bug#560870: remote info disclosure via css

Michael Gilbert michael.s.gilbert at gmail.com
Sat Dec 12 22:26:22 UTC 2009

package: webkit
version: 1.1.17-2
severity: serious
tags: security


it has been disclosed that it is possible for any website to query the
user's site viewing history via css.  please see [0].  i have not
personally checked whether this package is vulnerable, but it seems to
be a general css design issue, so all css-supporting browsers are
likely affected. please check, and feel free to close the bug if the
package is not affected.   thanks.


More information about the Pkg-webkit-maintainers mailing list