10
CVE-2010-1386
- EPSS 2.13%
- Veröffentlicht 19.08.2010 22:00:01
- Zuletzt bearbeitet 16.06.2026 23:18:15
- Quelle product-security@apple.com
- CVE-Watchlists
- Unerledigt
page/Geolocation.cpp in WebCore in WebKit before r56188 and before 1.2.5 does not properly restrict access to the lastPosition function, which has unspecified impact and remote attack vectors, aka rdar problem 7746357.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.13% | 0.796 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://secunia.com/advisories/43068
http://www.vupen.com/english/advisories/2011/0212
http://secunia.com/advisories/41856
http://www.mandriva.com/security/advisories?name=MDVSA-2011:039
http://www.ubuntu.com/usn/USN-1006-1
http://www.vupen.com/english/advisories/2010/2722
http://www.vupen.com/english/advisories/2011/0552
http://security-tracker.debian.org/tracker/CVE-2010-1386
http://trac.webkit.org/changeset/56188
http://www.securityfocus.com/bid/42500
https://bugs.webkit.org/show_bug.cgi?id=36255