CVE-2010-1805 — Apple Safari vulnerability

CWE-2642 documents2 sources

Severity

6.9MEDIUMNVD

EPSS

0.1%

top 83.64%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Safari

Timeline

PublishedSep 10

Latest updateMay 17

Description

Untrusted search path vulnerability in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 on Windows allows local users to gain privileges via a Trojan horse explorer.exe (aka Windows Explorer) program in a directory containing a file that had been downloaded by Safari.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages1 packages

▶NVDapple/safari10 versions+9

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-9r42-438r-j9xf: Untrusted search path vulnerability in Apple Safari 4↗2022-05-17

▶