WebKit in Apple Safari before 5.0.6 allows user-assisted remote attackers to read arbitrary files via vectors related to improper canonicalization of URLs within RSS feeds.
http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html
http://support.apple.com/kb/HT4808
Source: MITRE
Published: 2011-07-21
Updated: 2011-07-22
Type: CWE-200
Base Score: 4.3
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Impact Score: 2.9
Exploitability Score: 8.6
Severity: MEDIUM