10

CVE-2010-1386

page/Geolocation.cpp in WebCore in WebKit before r56188 and before 1.2.5 does not properly restrict access to the lastPosition function, which has unspecified impact and remote attack vectors, aka rdar problem 7746357.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppleWebKit Version <= r56187
AppleWebKit Versionr50173
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.13% 0.796
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://secunia.com/advisories/43068
Vendor Advisory
http://www.vupen.com/english/advisories/2011/0212
Vendor Advisory
http://secunia.com/advisories/41856
Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2011:039
http://www.ubuntu.com/usn/USN-1006-1
http://www.vupen.com/english/advisories/2010/2722
Vendor Advisory
http://www.vupen.com/english/advisories/2011/0552
Vendor Advisory
http://security-tracker.debian.org/tracker/CVE-2010-1386
http://trac.webkit.org/changeset/56188
http://www.securityfocus.com/bid/42500
https://bugs.webkit.org/show_bug.cgi?id=36255