CVE-2010-0044

Sažetak

PubSub in Apple Safari before 4.0.5 does not properly implement use of the Accept Cookies preference to block cookies, which makes it easier for remote web servers to track users by setting a cookie in a (1) RSS or (2) Atom feed.

Reference

http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html
http://osvdb.org/62937
http://support.apple.com/kb/HT4070
http://www.securityfocus.com/bid/38671
http://www.securityfocus.com/bid/38675
https://exchange.xforce.ibmcloud.com/vulnerabilities/56830
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7051

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

19-09-2017 - 01:30

Objavljeno

15-03-2010 - 13:28