5
CVE-2012-0585
- EPSS 2.5%
- Veröffentlicht 08.03.2012 22:55:01
- Zuletzt bearbeitet 16.06.2026 23:37:52
- Quelle product-security@apple.com
- CVE-Watchlists
- Unerledigt
The Private Browsing feature in Safari in Apple iOS before 5.1 allows remote attackers to bypass intended privacy settings and insert history entries via JavaScript code that calls the (1) pushState or (2) replaceState method.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.5% | 0.826 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:N
|
http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html
http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html
http://secunia.com/advisories/48288
http://secunia.com/advisories/48377
http://www.securitytracker.com/id?1026774
http://osvdb.org/79964
https://exchange.xforce.ibmcloud.com/vulnerabilities/73871