CVE-2012-0585Apple Iphone OS vulnerability

CWE-2642 documents2 sources
Severity
5.0MEDIUMNVD
EPSS
0.8%
top 26.31%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Iphone OS
Timeline
PublishedMar 8
Latest updateMay 14

Description

The Private Browsing feature in Safari in Apple iOS before 5.1 allows remote attackers to bypass intended privacy settings and insert history entries via JavaScript code that calls the (1) pushState or (2) replaceState method.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDapple/iphone_os< 5.1

🔴Vulnerability Details

1
GHSA
GHSA-9g46-7gm4-v6gc: The Private Browsing feature in Safari in Apple iOS before 52022-05-14
CVE-2012-0585 — Apple Iphone OS vulnerability | cvebase