5
CVE-2011-0159
- EPSS 1.72%
- Veröffentlicht 11.03.2011 22:55:02
- Zuletzt bearbeitet 16.06.2026 23:26:55
- Quelle product-security@apple.com
- CVE-Watchlists
- Unerledigt
The Safari Settings feature in Safari in Apple iOS 4.x before 4.3 does not properly implement the clearing of cookies during execution of the Safari application, which might make it easier for remote web servers to track users by setting a cookie.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.72% | 0.745 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html
http://support.apple.com/kb/HT4564
http://www.securitytracker.com/id?1025182
http://www.securityfocus.com/bid/46810