CVE-2011-0167
Title: Apple Webkit
Other
Proof Of Concept
PoC Available for CVE-2011-0167
CWE Category
CWE-264
Published Date
Mar 11, 2011
Modified Date
Jun 16, 2026
Exploit Status
Available
Score
4.3
CVSS v2.0
Exploit Probability (EPSS)
3.34%
Vulnerability Summary
CVE-2011-0167: The windows functionality in WebKit in Apple Safari before 5.0.4 allows remote attackers to bypass the Same Origin Policy, and force the upload of arbitrary local files from a client computer, via a crafted web site.
Impacted Vendors
Reference Links
http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html
http://support.apple.com/kb/HT4566
http://www.securityfocus.com/bid/46816
http://www.securitytracker.com/id?1025183
http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html
http://support.apple.com/kb/HT4566
http://www.securityfocus.com/bid/46816
http://www.securitytracker.com/id?1025183
CVSS v2.0
Source Entity
[email protected]
Severity
MEDIUM
4.3
Access Vector
N/A
Authentication
N/A
RAW VECTOR
AV:N/AC:M/Au:N/C:N/I:P/A:N
Associated Attack Patterns (CAPEC)
Total: PatternsNo specific attack patterns mapped.
Likelihood
Severity
Page /
CVE-2011-0167 Exploits & PoCs (Proof Of Concept)
Exploit-DB
https://www.exploit-db.com/exploits/35434
MODIFIED
Vulnerability data updated via NVD.
MODIFIED
Vulnerability data updated via NVD.
MODIFIED
Vulnerability data or affected products updated.
PUBLISHED
Vulnerability first announced in NVD.
Attack Vector Matrix
Access Vector
N/A
Complexity
N/A
Privileges
N/A
Interaction
NONE
CVSS Vector String
AV:N/AC:M/Au:N/C:N/I:P/A:N
Affected Stack
No specific products linked.