CVE-2010-1386

EPSS 1.85%
Published 19.08.2010 22:00:01
Last modified 11.04.2025 00:51:21
Source product-security@apple.com
Teams watchlist Login
Open Login

page/Geolocation.cpp in WebCore in WebKit before r56188 and before 1.2.5 does not properly restrict access to the lastPosition function, which has unspecified impact and remote attack vectors, aka rdar problem 7746357.

Affected products Warnungen 0 Metrics 2 CWE 0 References 15

Data is provided by the National Vulnerability Database (NVD)

Apple ≫ WebKit Version <= r56187

Apple ≫ WebKit Versionr50173

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.85%	0.814

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

http://secunia.com/advisories/43068

Vendor Advisory

http://www.vupen.com/english/advisories/2011/0212

Vendor Advisory

http://secunia.com/advisories/41856

Vendor Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2011:039

http://www.ubuntu.com/usn/USN-1006-1

http://www.vupen.com/english/advisories/2010/2722

Vendor Advisory

http://www.vupen.com/english/advisories/2011/0552

Vendor Advisory

http://security-tracker.debian.org/tracker/CVE-2010-1386

http://trac.webkit.org/changeset/56188

http://www.securityfocus.com/bid/42500

https://bugs.webkit.org/show_bug.cgi?id=36255

https://nvd.nist.gov/vuln/detail/CVE-2010-1386

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-1386

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-1386

EUVD