UBUNTU-CVE-2011-0161

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2011-0161

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2011/UBUNTU-CVE-2011-0161.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2011-0161

Upstream

CVE-2011-0161

Published

2011-03-11T22:55:00Z

Modified

2026-04-22T08:58:14.739021Z

Severity

Ubuntu - medium

Summary

[none]

Details

WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle the Attr.style accessor, which allows remote attackers to bypass the Same Origin Policy and inject Cascading Style Sheets (CSS) token sequences via a crafted web site.

References

Affected packages

Ubuntu:16.04:LTS / qtwebkit-source

Package

Name: qtwebkit-source
Purl: pkg:deb/ubuntu/qtwebkit-source@2.3.2-0ubuntu11?arch=source&distro=xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.3.2-0ubuntu10

2.3.2-0ubuntu11

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "libqtwebkit-qmlwebkitplugin",
            "binary_version": "2.3.2-0ubuntu11"
        },
        {
            "binary_name": "libqtwebkit4",
            "binary_version": "2.3.2-0ubuntu11"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2011/UBUNTU-CVE-2011-0161.json"