Lucene search
AppleCVE-2010-1805HistorySep 10, 2010 - 7:00 p.m.
CVE-2010-1805
2010-09-1019:00:01
CWE-264
apple
web.nvd.nist.gov
27
cve-2010-1805
untrusted search path vulnerability
apple safari
windows
privilege escalation
trojan horse
explorer.exe
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.1
Confidence
Low
EPSS
0
Percentile
5.1%
Untrusted search path vulnerability in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 on Windows allows local users to gain privileges via a Trojan horse explorer.exe (aka Windows Explorer) program in a directory containing a file that had been downloaded by Safari.
Affected configurations
Node
applesafariMatch4.0
ORapplesafariMatch4.0.0b
ORapplesafariMatch4.0.1
ORapplesafariMatch4.0.2
ORapplesafariMatch4.0.3
ORapplesafariMatch4.0.4
ORapplesafariMatch4.0.5
ORapplesafariMatch4.1
ORapplesafariMatch5.0
ORapplesafariMatch5.0.1
microsoftwindows
| Vendor | Product | Version | CPE |
|---|---|---|---|
| apple | safari | 5.0 | cpe:/a:apple:safari:5.0::: |
| apple | safari | 4.0.4 | cpe:/a:apple:safari:4.0.4::: |
| apple | safari | 4.1 | cpe:/a:apple:safari:4.1::: |
| apple | safari | 5.0.1 | cpe:/a:apple:safari:5.0.1::: |
| apple | safari | 4.0.3 | cpe:/a:apple:safari:4.0.3::: |
| apple | safari | 4.0.2 | cpe:/a:apple:safari:4.0.2::: |
| apple | safari | 4.0.1 | cpe:/a:apple:safari:4.0.1::: |
| apple | safari | 4.0.0b | cpe:/a:apple:safari:4.0.0b::: |
| apple | safari | 4.0 | cpe:/a:apple:safari:4.0::: |
| apple | safari | 4.0.5 | cpe:/a:apple:safari:4.0.5::: |
Related
nvd
nvd
CVE-2010-1805
2010-09-10 19:00:01
debiancve
debiancve
CVE-2010-1805
2010-09-10 19:00:00
ubuntucve
ubuntucve
CVE-2010-1805
2010-09-10 00:00:00
cvelist
cvelist
CVE-2010-1805
2010-09-10 18:00:00
prion
prion
Design/Logic Flaw
2010-09-10 19:00:00
threatpost
threatpost
Apple Plugs Safari Drive-by Download Security Holes
2010-09-08 13:57:18
openvas
openvas
Apple Safari Multiple Vulnerabilities (Sep 2010)
2010-09-15 00:00:00
Apple Safari Multiple Vulnerabilities - Sep10
2010-09-15 00:00:00
securityvulns
securityvulns
About the security content of Safari 5.0.2 and Safari 4.1.2
2010-09-14 00:00:00
Apple WebKit / Safari multiple security vulnerabilities
2010-09-14 00:00:00
nessus
nessus
Safari < 5.0.2 Multiple Vulnerabilities
2010-09-08 00:00:00
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.1
Confidence
Low
EPSS
0
Percentile
5.1%
Related for CVE-2010-1805