CVE-2010-0044Apple Safari vulnerability

CWE-164 documents4 sources
Severity
4.3MEDIUMNVD
EPSS
0.5%
top 35.66%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Safari
Timeline
PublishedMar 15
Latest updateMay 2

Description

PubSub in Apple Safari before 4.0.5 does not properly implement use of the Accept Cookies preference to block cookies, which makes it easier for remote web servers to track users by setting a cookie in a (1) RSS or (2) Atom feed.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDapple/safari4.0.4+5

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-hv89-3xxg-f733: PubSub in Apple Safari before 42022-05-02
OSV
CVE-2010-0044: PubSub in Apple Safari before 42010-03-15

💬Community

1
Bugzilla
CVE-2010-1679 dpkg: directory traversal flaw allows for arbitrary file creation2011-01-12