Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to improper handling of Location and History objects.

**Log in to Webmail**

**Explore OVHcloud email solutions**

Email Pro

From £1.99ex. VAT/monthor£2.39incl. VAT/month

1 email address  
10GB storage  
Data hosted in France  
99.99% availability

Hosted Exchange

From £2.49ex. VAT/month/accountor£2.99incl. VAT/month/account

Data hosted in France  
50GB or 300GB/account  
Standard Exchange account  
99.99% availability

Private Exchange

From £2.79ex. VAT/month/accountor£3.35incl. VAT/month/account

Standard Exchange account  
Up to 300 users  
50GB/account  
Dedicated server  
Dedicated IP  
99.99% availability

Trusted Exchange

Dedicated hardware infrastructure  
Multi-datacentre redundancy  
ISO 27001 certified  
From 2,000 user accounts  
Customisable storage  
99.99% SLA guaranteed

**Migrate your email accounts easily for free**

With the OVH Mail Migrator (OMM), you can securely migrate your external business email accounts to an OVHcloud account (and vice versa) for free.

This migration takes into account the essential elements of your source: emails, contacts, contact groups, tasks, calendars, schedules, rules and automatic replies.

This service is provided free of charge, and guarantees full reversibility.  
There are many advantages to opting for our email solutions:

*   Accessibility from any device

*   99.99% guaranteed availability

*   A secure, sovereign environment for your data

*   A solution updated and maintained by our teams

*   Anti-spam and anti-virus protection

*   Anti-DDoS protection

**Support and documentation**

We offer a range of documentation and online support to assist you in setting up and configuring your email accounts.

CVE-2009-1702: OVH mail

Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by destroying a document.body element that has an unspecified XML container with elements that support the dir attribute.

Tag

#webkit