5
CVE-2009-1706
- EPSS 1.4%
- Veröffentlicht 10.06.2009 18:00:00
- Zuletzt bearbeitet 16.06.2026 23:07:52
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The Private Browsing feature in Apple Safari before 4.0 on Windows does not remove cookies from the alternate cookie store in unspecified circumstances upon (1) disabling of the feature or (2) exit of the application, which makes it easier for remote web servers to track users via a cookie.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.4% | 0.688 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
http://secunia.com/advisories/35379
http://support.apple.com/kb/HT3613
http://www.vupen.com/english/advisories/2009/1522
http://www.securityfocus.com/bid/35260
http://osvdb.org/54997
http://www.securityfocus.com/bid/35346