cvelistv5 - cve-2010-0044

CVE-2010-0044 (GCVE-0-2010-0044)

Vulnerability from cvelistv5 – Published: 2010-03-12 20:00 – Updated: 2024-08-07 00:37

Summary

Severity ?

No CVSS data available.

CWE

Assigner

apple

References

URL

Tags

	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://www.securityfocus.com/bid/38675	vdb-entryx_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://support.apple.com/kb/HT4070	x_refsource_CONFIRM
	http://osvdb.org/62937	vdb-entryx_refsource_OSVDB
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.securityfocus.com/bid/38671	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:37:53.843Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "APPLE-SA-2010-03-11-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html"
          },
          {
            "name": "38675",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/38675"
          },
          {
            "name": "safari-pubsub-security-bypass(56830)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56830"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4070"
          },
          {
            "name": "62937",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/62937"
          },
          {
            "name": "oval:org.mitre.oval:def:7051",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7051"
          },
          {
            "name": "38671",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/38671"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-03-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "PubSub in Apple Safari before 4.0.5 does not properly implement use of the Accept Cookies preference to block cookies, which makes it easier for remote web servers to track users by setting a cookie in a (1) RSS or (2) Atom feed."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "name": "APPLE-SA-2010-03-11-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html"
        },
        {
          "name": "38675",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/38675"
        },
        {
          "name": "safari-pubsub-security-bypass(56830)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56830"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4070"
        },
        {
          "name": "62937",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/62937"
        },
        {
          "name": "oval:org.mitre.oval:def:7051",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7051"
        },
        {
          "name": "38671",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/38671"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2010-0044",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "PubSub in Apple Safari before 4.0.5 does not properly implement use of the Accept Cookies preference to block cookies, which makes it easier for remote web servers to track users by setting a cookie in a (1) RSS or (2) Atom feed."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "APPLE-SA-2010-03-11-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html"
            },
            {
              "name": "38675",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/38675"
            },
            {
              "name": "safari-pubsub-security-bypass(56830)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56830"
            },
            {
              "name": "http://support.apple.com/kb/HT4070",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4070"
            },
            {
              "name": "62937",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/62937"
            },
            {
              "name": "oval:org.mitre.oval:def:7051",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7051"
            },
            {
              "name": "38671",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/38671"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2010-0044",
    "datePublished": "2010-03-12T20:00:00",
    "dateReserved": "2009-12-15T00:00:00",
    "dateUpdated": "2024-08-07T00:37:53.843Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.0.4\", \"matchCriteriaId\": \"B1816CD6-0159-4684-A54D-94866D3FE570\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"02EAC196-AE43-4787-9AF9-E79E2E1BBA46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2FD40E4-D4C9-492E-8432-ABC9BD2C7E67\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"36EA71E0-63F7-46FF-AF11-792741F27628\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80E36485-565D-4FAA-A6AD-57DF42D47462\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"PubSub in Apple Safari before 4.0.5 does not properly implement use of the Accept Cookies preference to block cookies, which makes it easier for remote web servers to track users by setting a cookie in a (1) RSS or (2) Atom feed.\"}, {\"lang\": \"es\", \"value\": \"PubSub en Apple Safari anterior a v 4.0.5 no implementa adecuadamente las preferencias de uso para aceptar y rechazar cookies, lo que facilita a servidores web remotos seguir las preferencias de usuario (tracking) estableciendo una cookie en un (1) RSS o (2) Atom feed.\"}]",
      "evaluatorComment": "Per: http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html\r\n\r\n\u0027PubSub\r\nCVE-ID:  CVE-2010-0044\r\nAvailable for:  Mac OS X v10.4.11, Mac OS X Server v10.4.11,\r\nMac OS X v10.5.8, Mac OS X Server v10.5.8,\r\nMac OS X v10.6.1 or later, Mac OS X Server v10.6.1 or later,\r\nWindows 7, Vista, XP\r\nImpact:  Visiting or updating a feed may result in a cookie being\r\nset, even if Safari is configured to block cookies\r\nDescription:  An implementation issue exists in the handling of\r\ncookies set by RSS and Atom feeds. Visiting or updating a feed may\r\nresult in a cookie being set, even if Safari is configured to block\r\ncookies via the \"Accept Cookies\" preference. This update addresses\r\nthe issue by respecting the preference while updating or viewing\r\nfeeds.\u0027",
      "evaluatorSolution": "Per: http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html\r\n\r\n\u0027Safari 4.0.5 is available via the Apple Software Update application,\r\nor Apple\u0027s Safari download site at:\r\nhttp://www.apple.com/safari/download/\u0027",
      "id": "CVE-2010-0044",
      "lastModified": "2024-11-21T01:11:24.107",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:N/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2010-03-15T13:28:25.467",
      "references": "[{\"url\": \"http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://osvdb.org/62937\", \"source\": \"product-security@apple.com\"}, {\"url\": \"http://support.apple.com/kb/HT4070\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/38671\", \"source\": \"product-security@apple.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.securityfocus.com/bid/38675\", \"source\": \"product-security@apple.com\", \"tags\": [\"Patch\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/56830\", \"source\": \"product-security@apple.com\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7051\", \"source\": \"product-security@apple.com\"}, {\"url\": \"http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://osvdb.org/62937\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://support.apple.com/kb/HT4070\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/38671\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.securityfocus.com/bid/38675\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/56830\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7051\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "product-security@apple.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-16\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2010-0044\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2010-03-15T13:28:25.467\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"PubSub in Apple Safari before 4.0.5 does not properly implement use of the Accept Cookies preference to block cookies, which makes it easier for remote web servers to track users by setting a cookie in a (1) RSS or (2) Atom feed.\"},{\"lang\":\"es\",\"value\":\"PubSub en Apple Safari anterior a v 4.0.5 no implementa adecuadamente las preferencias de uso para aceptar y rechazar cookies, lo que facilita a servidores web remotos seguir las preferencias de usuario (tracking) estableciendo una cookie en un (1) RSS o (2) Atom feed.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-16\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.0.4\",\"matchCriteriaId\":\"B1816CD6-0159-4684-A54D-94866D3FE570\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02EAC196-AE43-4787-9AF9-E79E2E1BBA46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2FD40E4-D4C9-492E-8432-ABC9BD2C7E67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36EA71E0-63F7-46FF-AF11-792741F27628\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80E36485-565D-4FAA-A6AD-57DF42D47462\"}]}]}],\"references\":[{\"url\":\"http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://osvdb.org/62937\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://support.apple.com/kb/HT4070\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/38671\",\"source\":\"product-security@apple.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/bid/38675\",\"source\":\"product-security@apple.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/56830\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7051\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://osvdb.org/62937\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/kb/HT4070\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/38671\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/bid/38675\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/56830\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7051\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"evaluatorComment\":\"Per: http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html\\r\\n\\r\\n\u0027PubSub\\r\\nCVE-ID:  CVE-2010-0044\\r\\nAvailable for:  Mac OS X v10.4.11, Mac OS X Server v10.4.11,\\r\\nMac OS X v10.5.8, Mac OS X Server v10.5.8,\\r\\nMac OS X v10.6.1 or later, Mac OS X Server v10.6.1 or later,\\r\\nWindows 7, Vista, XP\\r\\nImpact:  Visiting or updating a feed may result in a cookie being\\r\\nset, even if Safari is configured to block cookies\\r\\nDescription:  An implementation issue exists in the handling of\\r\\ncookies set by RSS and Atom feeds. Visiting or updating a feed may\\r\\nresult in a cookie being set, even if Safari is configured to block\\r\\ncookies via the \\\"Accept Cookies\\\" preference. This update addresses\\r\\nthe issue by respecting the preference while updating or viewing\\r\\nfeeds.\u0027\",\"evaluatorSolution\":\"Per: http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html\\r\\n\\r\\n\u0027Safari 4.0.5 is available via the Apple Software Update application,\\r\\nor Apple\u0027s Safari download site at:\\r\\nhttp://www.apple.com/safari/download/\u0027\"}}"
  }
}

CERTA-2010-AVI-120

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités dans Apple Safari ont été corrigées.

Description

Plusieurs vulnérabilités ont été corrigées dans Apple Safari. Leur exploitation permet notamment à une personne malintentionnée d'exécuter du code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Apple	Safari	Safari 4.x sur Apple MacOS X.
	Apple	Safari	Safari 4.x sur Microsoft Windows ;

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4070 du 11 mars 2010

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Safari 4.x sur Apple MacOS X.",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Safari 4.x sur Microsoft Windows ;",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Apple Safari. Leur\nexploitation permet notamment \u00e0 une personne malintentionn\u00e9e d\u0027ex\u00e9cuter\ndu code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-0046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0046"
    },
    {
      "name": "CVE-2010-0043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0043"
    },
    {
      "name": "CVE-2010-0042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0042"
    },
    {
      "name": "CVE-2010-0044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0044"
    },
    {
      "name": "CVE-2010-0041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0041"
    },
    {
      "name": "CVE-2010-0053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0053"
    },
    {
      "name": "CVE-2010-0050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0050"
    },
    {
      "name": "CVE-2010-0040",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0040"
    },
    {
      "name": "CVE-2010-0047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0047"
    },
    {
      "name": "CVE-2010-0049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0049"
    },
    {
      "name": "CVE-2010-0048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0048"
    },
    {
      "name": "CVE-2010-0045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0045"
    },
    {
      "name": "CVE-2010-0051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0051"
    },
    {
      "name": "CVE-2010-0052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0052"
    },
    {
      "name": "CVE-2009-2285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2285"
    },
    {
      "name": "CVE-2010-0054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0054"
    }
  ],
  "links": [],
  "reference": "CERTA-2010-AVI-120",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-03-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s dans Apple Safari ont \u00e9t\u00e9 corrig\u00e9es.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans Apple Safari",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4070 du 11 mars 2010",
      "url": "http://support.apple.com/kb/HT4070"
    }
  ]
}

CERTA-2010-AVI-120

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités dans Apple Safari ont été corrigées.

Description

Plusieurs vulnérabilités ont été corrigées dans Apple Safari. Leur exploitation permet notamment à une personne malintentionnée d'exécuter du code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Apple	Safari	Safari 4.x sur Apple MacOS X.
	Apple	Safari	Safari 4.x sur Microsoft Windows ;

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4070 du 11 mars 2010

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Safari 4.x sur Apple MacOS X.",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Safari 4.x sur Microsoft Windows ;",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Apple Safari. Leur\nexploitation permet notamment \u00e0 une personne malintentionn\u00e9e d\u0027ex\u00e9cuter\ndu code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-0046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0046"
    },
    {
      "name": "CVE-2010-0043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0043"
    },
    {
      "name": "CVE-2010-0042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0042"
    },
    {
      "name": "CVE-2010-0044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0044"
    },
    {
      "name": "CVE-2010-0041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0041"
    },
    {
      "name": "CVE-2010-0053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0053"
    },
    {
      "name": "CVE-2010-0050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0050"
    },
    {
      "name": "CVE-2010-0040",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0040"
    },
    {
      "name": "CVE-2010-0047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0047"
    },
    {
      "name": "CVE-2010-0049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0049"
    },
    {
      "name": "CVE-2010-0048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0048"
    },
    {
      "name": "CVE-2010-0045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0045"
    },
    {
      "name": "CVE-2010-0051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0051"
    },
    {
      "name": "CVE-2010-0052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0052"
    },
    {
      "name": "CVE-2009-2285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2285"
    },
    {
      "name": "CVE-2010-0054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0054"
    }
  ],
  "links": [],
  "reference": "CERTA-2010-AVI-120",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-03-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s dans Apple Safari ont \u00e9t\u00e9 corrig\u00e9es.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans Apple Safari",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4070 du 11 mars 2010",
      "url": "http://support.apple.com/kb/HT4070"
    }
  ]
}

FKIE_CVE-2010-0044

Vulnerability from fkie_nvd - Published: 2010-03-15 13:28 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
product-security@apple.com	http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html	Vendor Advisory
product-security@apple.com	http://osvdb.org/62937
product-security@apple.com	http://support.apple.com/kb/HT4070	Vendor Advisory
product-security@apple.com	http://www.securityfocus.com/bid/38671	Patch
product-security@apple.com	http://www.securityfocus.com/bid/38675	Patch
product-security@apple.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/56830
product-security@apple.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7051
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/62937
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT4070	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/38671	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/38675	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/56830
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7051

Impacted products

Vendor	Product	Version
apple	safari	*
apple	safari	4.0
apple	safari	4.0.0b
apple	safari	4.0.1
apple	safari	4.0.2
apple	safari	4.0.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1816CD6-0159-4684-A54D-94866D3FE570",
              "versionEndIncluding": "4.0.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*",
              "matchCriteriaId": "02EAC196-AE43-4787-9AF9-E79E2E1BBA46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2FD40E4-D4C9-492E-8432-ABC9BD2C7E67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36EA71E0-63F7-46FF-AF11-792741F27628",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "80E36485-565D-4FAA-A6AD-57DF42D47462",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "PubSub in Apple Safari before 4.0.5 does not properly implement use of the Accept Cookies preference to block cookies, which makes it easier for remote web servers to track users by setting a cookie in a (1) RSS or (2) Atom feed."
    },
    {
      "lang": "es",
      "value": "PubSub en Apple Safari anterior a v 4.0.5 no implementa adecuadamente las preferencias de uso para aceptar y rechazar cookies, lo que facilita a servidores web remotos seguir las preferencias de usuario (tracking) estableciendo una cookie en un (1) RSS o (2) Atom feed."
    }
  ],
  "evaluatorComment": "Per: http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html\r\n\r\n\u0027PubSub\r\nCVE-ID:  CVE-2010-0044\r\nAvailable for:  Mac OS X v10.4.11, Mac OS X Server v10.4.11,\r\nMac OS X v10.5.8, Mac OS X Server v10.5.8,\r\nMac OS X v10.6.1 or later, Mac OS X Server v10.6.1 or later,\r\nWindows 7, Vista, XP\r\nImpact:  Visiting or updating a feed may result in a cookie being\r\nset, even if Safari is configured to block cookies\r\nDescription:  An implementation issue exists in the handling of\r\ncookies set by RSS and Atom feeds. Visiting or updating a feed may\r\nresult in a cookie being set, even if Safari is configured to block\r\ncookies via the \"Accept Cookies\" preference. This update addresses\r\nthe issue by respecting the preference while updating or viewing\r\nfeeds.\u0027",
  "evaluatorSolution": "Per: http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html\r\n\r\n\u0027Safari 4.0.5 is available via the Apple Software Update application,\r\nor Apple\u0027s Safari download site at:\r\nhttp://www.apple.com/safari/download/\u0027",
  "id": "CVE-2010-0044",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2010-03-15T13:28:25.467",
  "references": [
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://osvdb.org/62937"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT4070"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/38671"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/38675"
    },
    {
      "source": "product-security@apple.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56830"
    },
    {
      "source": "product-security@apple.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7051"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/62937"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT4070"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/38671"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/38675"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56830"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7051"
    }
  ],
  "sourceIdentifier": "product-security@apple.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-16"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2010-0044

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2010-0044

Aliases

CVE-2010-0044

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2010-0044",
    "description": "PubSub in Apple Safari before 4.0.5 does not properly implement use of the Accept Cookies preference to block cookies, which makes it easier for remote web servers to track users by setting a cookie in a (1) RSS or (2) Atom feed.",
    "id": "GSD-2010-0044"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2010-0044"
      ],
      "details": "PubSub in Apple Safari before 4.0.5 does not properly implement use of the Accept Cookies preference to block cookies, which makes it easier for remote web servers to track users by setting a cookie in a (1) RSS or (2) Atom feed.",
      "id": "GSD-2010-0044",
      "modified": "2023-12-13T01:21:29.222066Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "product-security@apple.com",
        "ID": "CVE-2010-0044",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "PubSub in Apple Safari before 4.0.5 does not properly implement use of the Accept Cookies preference to block cookies, which makes it easier for remote web servers to track users by setting a cookie in a (1) RSS or (2) Atom feed."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "APPLE-SA-2010-03-11-1",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html"
          },
          {
            "name": "38675",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/38675"
          },
          {
            "name": "safari-pubsub-security-bypass(56830)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56830"
          },
          {
            "name": "http://support.apple.com/kb/HT4070",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT4070"
          },
          {
            "name": "62937",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/62937"
          },
          {
            "name": "oval:org.mitre.oval:def:7051",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7051"
          },
          {
            "name": "38671",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/38671"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.0.4",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2010-0044"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "PubSub in Apple Safari before 4.0.5 does not properly implement use of the Accept Cookies preference to block cookies, which makes it easier for remote web servers to track users by setting a cookie in a (1) RSS or (2) Atom feed."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-16"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "APPLE-SA-2010-03-11-1",
              "refsource": "APPLE",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html"
            },
            {
              "name": "38671",
              "refsource": "BID",
              "tags": [
                "Patch"
              ],
              "url": "http://www.securityfocus.com/bid/38671"
            },
            {
              "name": "http://support.apple.com/kb/HT4070",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://support.apple.com/kb/HT4070"
            },
            {
              "name": "38675",
              "refsource": "BID",
              "tags": [
                "Patch"
              ],
              "url": "http://www.securityfocus.com/bid/38675"
            },
            {
              "name": "62937",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/62937"
            },
            {
              "name": "safari-pubsub-security-bypass(56830)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56830"
            },
            {
              "name": "oval:org.mitre.oval:def:7051",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7051"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2017-09-19T01:30Z",
      "publishedDate": "2010-03-15T13:28Z"
    }
  }
}

GHSA-HV89-3XXG-F733

Vulnerability from github – Published: 2022-05-02 06:09 – Updated: 2022-05-02 06:09

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2010-0044"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2010-03-15T13:28:00Z",
    "severity": "MODERATE"
  },
  "details": "PubSub in Apple Safari before 4.0.5 does not properly implement use of the Accept Cookies preference to block cookies, which makes it easier for remote web servers to track users by setting a cookie in a (1) RSS or (2) Atom feed.",
  "id": "GHSA-hv89-3xxg-f733",
  "modified": "2022-05-02T06:09:49Z",
  "published": "2022-05-02T06:09:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0044"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56830"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7051"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/62937"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT4070"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/38671"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/38675"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

VAR-201003-0124

Vulnerability from variot - Updated: 2023-12-18 11:18

PubSub in Apple Safari before 4.0.5 does not properly implement use of the Accept Cookies preference to block cookies, which makes it easier for remote web servers to track users by setting a cookie in a (1) RSS or (2) Atom feed. Safari is prone to a configuration-bypass weakness that affects the PubSub component of Safari. A successful attack will result in the bypass of intended security settings. This may result in a false sense of security. This issue was previously documented in BID 38671 (Apple Safari Prior to 4.0.5 Multiple Security Vulnerabilities) but has been given its own record to better document it. This issue affect versions prior to Safari 4.0.5 running on Apple Mac OS X, Windows 7, XP, and Vista. NOTE: This BID is being retired because the following individual records have been created to better document issues previously mentioned in this BID: 38674 Apple Safari Prior to 4.0.5 Integer Overflow Vulnerability 35451 LibTIFF 'LZWDecodeCompat()' Remote Buffer Underflow Vulnerability 38676 Apple Safari BMP Image Uninitialized Memory Information Disclosure Vulnerability 38677 Apple Safari TIFF Image Uninitialized Memory Information Disclosure Vulnerability 38673 Apple Safari ImageIO TIFF Image Remote Code Execution Vulnerability 38675 Apple Safari Prior to 4.0.5 Configuration Bypass Weakness 38683 Apple Safari URL Schemes Handling Remote Code Execution Vulnerability 38684 WebKit CSS 'format()' Arguments Memory Corruption Vulnerability 38687 WebKit Object Element Fallback Memory Corruption Vulnerability 38688 WebKit XML Document Parsing Memory Corruption Vulnerability 38689 WebKit Right-to-Left Displayed Text Handling Memory Corruption Vulnerability 38685 WebKit Nested HTML Tags Use-After-Free Error Remote Code Execution Vulnerability 38692 WebKit Cross-Origin Stylesheet Request Information Disclosure Vulnerability 38686 WebKit HTML Elements Callback Use-After-Free Error Remote Code Execution Vulnerability 38690 WebKit CSS Display Use-After-Free Error Remote Code Execution Vulnerability 38691 WebKit HTML Image Element Handling Memory Corruption Vulnerability. Safari is the web browser bundled by default in the Apple family machine operating system

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201003-0124",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "safari",
        "scope": "eq",
        "trust": 2.2,
        "vendor": "apple",
        "version": "4.0.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 2.2,
        "vendor": "apple",
        "version": "4.0.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 2.2,
        "vendor": "apple",
        "version": "4.0.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "4.0"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "4.0.0b"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.2,
        "vendor": "apple",
        "version": "4.0.4"
      },
      {
        "model": "safari",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "4.0.4"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.4.11"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.5.8"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.4.11"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.5.8"
      },
      {
        "model": "safari",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "4.0.5"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.0.4"
      },
      {
        "model": "safari",
        "scope": "ne",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.0.5"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.0.3"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4"
      },
      {
        "model": "safari beta",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.0.2"
      },
      {
        "model": "safari for windows",
        "scope": "ne",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.0.5"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "38675"
      },
      {
        "db": "BID",
        "id": "38671"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001184"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0044"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-183"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.0.4",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2010-0044"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Matthew Jurczyk Billy Rios Robert Swiecki robert@swiecki.net wushi wooshi@gmail.com",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-183"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2010-0044",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 4.3,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2010-0044",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-42649",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2010-0044",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201003-183",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-42649",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-42649"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001184"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0044"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-183"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "PubSub in Apple Safari before 4.0.5 does not properly implement use of the Accept Cookies preference to block cookies, which makes it easier for remote web servers to track users by setting a cookie in a (1) RSS or (2) Atom feed. Safari is prone to a configuration-bypass weakness that affects the PubSub component of Safari. \nA successful attack will result in the bypass of intended security settings. This may result in a false sense of security. \nThis issue was previously documented in BID 38671 (Apple Safari Prior to 4.0.5 Multiple Security Vulnerabilities) but has been given its own record to better document it. \nThis issue affect versions prior to Safari 4.0.5 running on Apple Mac OS X, Windows 7, XP, and Vista. \nNOTE: This BID is being retired because the following individual records have been created to better document issues previously mentioned in this BID:\n38674 Apple Safari Prior to 4.0.5 Integer Overflow Vulnerability\n35451 LibTIFF \u0027LZWDecodeCompat()\u0027 Remote Buffer Underflow Vulnerability\n38676 Apple Safari BMP Image Uninitialized Memory Information Disclosure Vulnerability\n38677 Apple Safari TIFF Image Uninitialized Memory Information Disclosure Vulnerability\n38673 Apple Safari ImageIO TIFF Image Remote Code Execution Vulnerability\n38675 Apple Safari Prior to 4.0.5 Configuration Bypass Weakness\n38683 Apple Safari URL Schemes Handling Remote Code Execution Vulnerability\n38684 WebKit CSS \u0027format()\u0027 Arguments Memory Corruption Vulnerability\n38687 WebKit Object Element Fallback Memory Corruption Vulnerability\n38688 WebKit XML Document Parsing Memory Corruption Vulnerability\n38689 WebKit Right-to-Left Displayed Text Handling Memory Corruption Vulnerability\n38685 WebKit Nested HTML Tags Use-After-Free Error Remote Code Execution Vulnerability\n38692 WebKit Cross-Origin Stylesheet Request Information Disclosure Vulnerability\n38686 WebKit HTML Elements Callback Use-After-Free Error Remote Code Execution Vulnerability\n38690 WebKit CSS Display Use-After-Free Error Remote Code Execution Vulnerability\n38691 WebKit HTML Image Element Handling Memory Corruption Vulnerability. Safari is the web browser bundled by default in the Apple family machine operating system",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2010-0044"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001184"
      },
      {
        "db": "BID",
        "id": "38675"
      },
      {
        "db": "BID",
        "id": "38671"
      },
      {
        "db": "VULHUB",
        "id": "VHN-42649"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "38675",
        "trust": 2.8
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0044",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "38671",
        "trust": 2.0
      },
      {
        "db": "OSVDB",
        "id": "62937",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001184",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-183",
        "trust": 0.7
      },
      {
        "db": "APPLE",
        "id": "APPLE-SA-2010-03-11-1",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "14628",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-42649",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-42649"
      },
      {
        "db": "BID",
        "id": "38675"
      },
      {
        "db": "BID",
        "id": "38671"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001184"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0044"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-183"
      }
    ]
  },
  "id": "VAR-201003-0124",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-42649"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T11:18:38.842000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "HT4070",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht4070"
      },
      {
        "title": "HT4070",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht4070?viewlocale=ja_jp"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001184"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-16",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-42649"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001184"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0044"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://www.securityfocus.com/bid/38675"
      },
      {
        "trust": 1.7,
        "url": "http://lists.apple.com/archives/security-announce/2010/mar/msg00000.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/38671"
      },
      {
        "trust": 1.7,
        "url": "http://support.apple.com/kb/ht4070"
      },
      {
        "trust": 1.1,
        "url": "http://osvdb.org/62937"
      },
      {
        "trust": 1.1,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7051"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56830"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0044"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0044"
      },
      {
        "trust": 0.6,
        "url": "http://www.apple.com/safari/"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/14628"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-42649"
      },
      {
        "db": "BID",
        "id": "38675"
      },
      {
        "db": "BID",
        "id": "38671"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001184"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0044"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-183"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-42649"
      },
      {
        "db": "BID",
        "id": "38675"
      },
      {
        "db": "BID",
        "id": "38671"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001184"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0044"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-183"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2010-03-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-42649"
      },
      {
        "date": "2010-03-11T00:00:00",
        "db": "BID",
        "id": "38675"
      },
      {
        "date": "2010-03-11T00:00:00",
        "db": "BID",
        "id": "38671"
      },
      {
        "date": "2010-03-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-001184"
      },
      {
        "date": "2010-03-15T13:28:25.467000",
        "db": "NVD",
        "id": "CVE-2010-0044"
      },
      {
        "date": "2010-03-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201003-183"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-09-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-42649"
      },
      {
        "date": "2010-03-11T00:00:00",
        "db": "BID",
        "id": "38675"
      },
      {
        "date": "2010-03-12T15:32:00",
        "db": "BID",
        "id": "38671"
      },
      {
        "date": "2010-03-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-001184"
      },
      {
        "date": "2017-09-19T01:30:11.517000",
        "db": "NVD",
        "id": "CVE-2010-0044"
      },
      {
        "date": "2010-03-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201003-183"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "network",
    "sources": [
      {
        "db": "BID",
        "id": "38675"
      },
      {
        "db": "BID",
        "id": "38671"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple Safari of  PubSub In  Cookie Vulnerability set",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001184"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "configuration error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-183"
      }
    ],
    "trust": 0.6
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2010-0044 (GCVE-0-2010-0044)

CERTA-2010-AVI-120

Description

Solution

CERTA-2010-AVI-120

Description

Solution

FKIE_CVE-2010-0044

GSD-2010-0044

GHSA-HV89-3XXG-F733

VAR-201003-0124

Tags

Sightings

Nomenclature