CVE-2010-3829

WebKit in Apple iOS before 4.2 allows remote attackers to bypass the remote image loading setting in Mail via an HTML LINK element with a DNS prefetching property, as demonstrated by an HTML e-mail message that uses a LINK element for X-Confirm-Reading-To functionality, a related issue to CVE-2010-3813.

Affected Software

Name	Vendor	Start Version	End Version
Iphone_os	Apple	*	4.1 (including)
Iphone_os	Apple	1.0.0 (including)	1.0.0 (including)
Iphone_os	Apple	1.0.1 (including)	1.0.1 (including)
Iphone_os	Apple	1.0.2 (including)	1.0.2 (including)
Iphone_os	Apple	1.1.0 (including)	1.1.0 (including)
Iphone_os	Apple	1.1.1 (including)	1.1.1 (including)
Iphone_os	Apple	1.1.2 (including)	1.1.2 (including)
Iphone_os	Apple	1.1.3 (including)	1.1.3 (including)
Iphone_os	Apple	1.1.4 (including)	1.1.4 (including)
Iphone_os	Apple	1.1.5 (including)	1.1.5 (including)
Iphone_os	Apple	2.0 (including)	2.0 (including)
Iphone_os	Apple	2.0.0 (including)	2.0.0 (including)
Iphone_os	Apple	2.0.1 (including)	2.0.1 (including)
Iphone_os	Apple	2.0.2 (including)	2.0.2 (including)
Iphone_os	Apple	2.1 (including)	2.1 (including)
Iphone_os	Apple	2.1.1 (including)	2.1.1 (including)
Iphone_os	Apple	2.2 (including)	2.2 (including)
Iphone_os	Apple	2.2.1 (including)	2.2.1 (including)
Iphone_os	Apple	3.0 (including)	3.0 (including)
Iphone_os	Apple	3.0.1 (including)	3.0.1 (including)
Iphone_os	Apple	3.1 (including)	3.1 (including)
Iphone_os	Apple	3.1.2 (including)	3.1.2 (including)
Iphone_os	Apple	3.1.3 (including)	3.1.3 (including)
Iphone_os	Apple	3.2 (including)	3.2 (including)
Iphone_os	Apple	3.2.1 (including)	3.2.1 (including)
Iphone_os	Apple	3.2.2 (including)	3.2.2 (including)
Iphone_os	Apple	4.0 (including)	4.0 (including)
Iphone_os	Apple	4.0.1 (including)	4.0.1 (including)
Iphone_os	Apple	4.0.2 (including)	4.0.2 (including)
Qt4-x11	Ubuntu	karmic	*
Qt4-x11	Ubuntu	lucid	*
Qtwebkit-source	Ubuntu	devel	*
Qtwebkit-source	Ubuntu	esm-apps/xenial	*
Qtwebkit-source	Ubuntu	maverick	*
Qtwebkit-source	Ubuntu	natty	*
Qtwebkit-source	Ubuntu	oneiric	*
Qtwebkit-source	Ubuntu	precise	*
Qtwebkit-source	Ubuntu	quantal	*
Qtwebkit-source	Ubuntu	raring	*
Qtwebkit-source	Ubuntu	saucy	*
Qtwebkit-source	Ubuntu	trusty	*
Qtwebkit-source	Ubuntu	utopic	*
Qtwebkit-source	Ubuntu	vivid	*
Qtwebkit-source	Ubuntu	wily	*
Qtwebkit-source	Ubuntu	xenial	*
Qtwebkit-source	Ubuntu	yakkety	*
Webkit	Ubuntu	hardy	*
Webkit	Ubuntu	karmic	*
Webkit	Ubuntu	lucid	*
Webkit	Ubuntu	maverick	*
Webkit	Ubuntu	natty	*
Webkit	Ubuntu	oneiric	*
Webkit	Ubuntu	precise	*
Webkit	Ubuntu	quantal	*
Webkit	Ubuntu	raring	*
Webkit	Ubuntu	saucy	*
Webkitgtk	Ubuntu	utopic	*
Webkitgtk	Ubuntu	vivid	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2010-3829
CWE	https://cwe.mitre.org/data/definitions/264.html

Affected Software

References