CVE-2010-1386

CWE-2644 documents4 sources
Severity
10.0CRITICAL
EPSS
1.4%
top 19.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Webkit
Timeline
PublishedAug 19
Latest updateMay 2

Description

page/Geolocation.cpp in WebCore in WebKit before r56188 and before 1.2.5 does not properly restrict access to the lastPosition function, which has unspecified impact and remote attack vectors, aka rdar problem 7746357.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDapple/webkitr56187+1

🔴Vulnerability Details

2
GHSA
GHSA-9734-fx25-6jww: page/Geolocation2022-05-02
CVEList
CVE-2010-1386: page/Geolocation2010-08-19

💬Community

1
Bugzilla
update webkitgtk to 1.2.32010-07-16
CVE-2010-1386 (CRITICAL CVSS 10) | page/Geolocation.cpp in WebCore in | cvebase.io