6.9

CVE-2010-1805

Untrusted search path vulnerability in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 on Windows allows local users to gain privileges via a Trojan horse explorer.exe (aka Windows Explorer) program in a directory containing a file that had been downloaded by Safari.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppleSafari Version4.0
   MicrosoftWindows
AppleSafari Version4.0.0b
   MicrosoftWindows
AppleSafari Version4.0.1
   MicrosoftWindows
AppleSafari Version4.0.2
   MicrosoftWindows
AppleSafari Version4.0.3
   MicrosoftWindows
AppleSafari Version4.0.4
   MicrosoftWindows
AppleSafari Version4.0.5
   MicrosoftWindows
AppleSafari Version4.1
   MicrosoftWindows
AppleSafari Version5.0
   MicrosoftWindows
AppleSafari Version5.0.1
   MicrosoftWindows
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.3% 0.215
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.9 3.4 10
AV:L/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.apple.com/archives/security-announce/2010//Sep/msg00001.html
Vendor Advisory
http://support.apple.com/kb/HT4333
Vendor Advisory
http://www.securityfocus.com/bid/43048
Patch
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11956