CVE-2009-1696 — Apple Safari vulnerability

CWE-3102 documents2 sources

Severity

5.0MEDIUMNVD

EPSS

0.9%

top 24.46%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Safari

Timeline

PublishedJun 10

Latest updateMay 2

Description

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 uses predictable random numbers in JavaScript applications, which makes it easier for remote web servers to track the behavior of a Safari user during a session.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDapple/safari4.0_beta+25

Patches

Patch: lists.apple.com ↗Patch: support.apple.com ↗Patch: www.vupen.com ↗

🔴Vulnerability Details

GHSA

GHSA-h49m-8hrm-3pg8: WebKit in Apple Safari before 4↗2022-05-02

▶