Lucene search

AppleCVE-2010-3804

HistoryNov 22, 2010 - 1:00 p.m.

CVE-2010-3804

2010-11-2213:00:17

CWE-310

apple

web.nvd.nist.gov

cve-2010-3804

apple safari

javascript

webkit

remote attack

cve-2008-5913

cve-2010-3171

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

8.2

Confidence

High

EPSS

0.021

Percentile

89.1%

JSON

The JavaScript implementation in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, uses a weak algorithm for generating values of random numbers, which makes it easier for remote attackers to track a user by predicting a value, a related issue to CVE-2008-5913 and CVE-2010-3171.

Affected configurations

Nvd

Node

applesafariRange≤5.0.2

applesafariMatch5.0

applesafariMatch5.0.1

applewebkit

AND

applemac_os_xMatch10.5

applemac_os_xMatch10.5.0

applemac_os_xMatch10.5.1

applemac_os_xMatch10.5.2

applemac_os_xMatch10.5.3

applemac_os_xMatch10.5.4

applemac_os_xMatch10.5.5

applemac_os_xMatch10.5.6

applemac_os_xMatch10.5.7

applemac_os_xMatch10.5.8

applemac_os_xMatch10.6.0

applemac_os_xMatch10.6.1

applemac_os_xMatch10.6.2

applemac_os_xMatch10.6.3

applemac_os_xMatch10.6.4

applemac_os_xMatch10.6.5

applemac_os_x_serverMatch10.5

applemac_os_x_serverMatch10.5.0

applemac_os_x_serverMatch10.5.1

applemac_os_x_serverMatch10.5.2

applemac_os_x_serverMatch10.5.3

applemac_os_x_serverMatch10.5.4

applemac_os_x_serverMatch10.5.5

applemac_os_x_serverMatch10.5.6

applemac_os_x_serverMatch10.5.7

applemac_os_x_serverMatch10.5.8

applemac_os_x_serverMatch10.6.0

applemac_os_x_serverMatch10.6.1

applemac_os_x_serverMatch10.6.2

applemac_os_x_serverMatch10.6.3

applemac_os_x_serverMatch10.6.4

applemac_os_x_serverMatch10.6.5

microsoftwindows_7

microsoftwindows_vista

microsoftwindows_xpsp2

Node

applesafariRange≤4.1.2

applesafariMatch1.0

applesafariMatch1.0beta

applesafariMatch1.0beta2

applesafariMatch1.0.0

applesafariMatch1.0.0b1

applesafariMatch1.0.0b2

applesafariMatch1.0.1

applesafariMatch1.0.2

applesafariMatch1.0.3

applesafariMatch1.0.385.8

applesafariMatch1.0.385.8.1

applesafariMatch1.1

applesafariMatch1.1.0

applesafariMatch1.1.1

applesafariMatch1.2

applesafariMatch1.2.0

applesafariMatch1.2.1

applesafariMatch1.2.2

applesafariMatch1.2.3

applesafariMatch1.2.4

applesafariMatch1.2.5

applesafariMatch1.3

applesafariMatch1.3.0

applesafariMatch1.3.1

applesafariMatch1.3.2

applesafariMatch1.3.2312.5

applesafariMatch1.3.2312.6

applesafariMatch2

applesafariMatch2.0

applesafariMatch2.0.0

applesafariMatch2.0.1

applesafariMatch2.0.2

applesafariMatch2.0.3

applesafariMatch2.0.3417.8

applesafariMatch2.0.3417.9

applesafariMatch2.0.3417.9.2

applesafariMatch2.0.3417.9.3

applesafariMatch2.0.4

applesafariMatch3

applesafariMatch3.0

applesafariMatch3.0.0

applesafariMatch3.0.0b

applesafariMatch3.0.1

applesafariMatch3.0.1b

applesafariMatch3.0.2

applesafariMatch3.0.2b

applesafariMatch3.0.3

applesafariMatch3.0.3b

applesafariMatch3.0.4

applesafariMatch3.0.4b

applesafariMatch3.1.0

applesafariMatch3.1.0b

applesafariMatch3.1.1

applesafariMatch3.1.2

applesafariMatch3.2.0

applesafariMatch3.2.1

applesafariMatch3.2.2

applesafariMatch4.1

applesafariMatch4.1.1

applewebkit

AND

applemac_os_xMatch10.4

applemac_os_xMatch10.4.0

applemac_os_xMatch10.4.1

applemac_os_xMatch10.4.2

applemac_os_xMatch10.4.3

applemac_os_xMatch10.4.4

applemac_os_xMatch10.4.5

applemac_os_xMatch10.4.6

applemac_os_xMatch10.4.7

applemac_os_xMatch10.4.8

applemac_os_xMatch10.4.9

applemac_os_xMatch10.4.10

applemac_os_xMatch10.4.11

applemac_os_x_serverMatch10.4

applemac_os_x_serverMatch10.4.0

applemac_os_x_serverMatch10.4.1

applemac_os_x_serverMatch10.4.2

applemac_os_x_serverMatch10.4.3

applemac_os_x_serverMatch10.4.4

applemac_os_x_serverMatch10.4.5

applemac_os_x_serverMatch10.4.6

applemac_os_x_serverMatch10.4.7

applemac_os_x_serverMatch10.4.8

applemac_os_x_serverMatch10.4.9

applemac_os_x_serverMatch10.4.10

applemac_os_x_serverMatch10.4.11

VendorProductVersionCPE
applesafari*cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
applesafari5.0cpe:2.3:a:apple:safari:5.0:*:*:*:*:*:*:*
applesafari5.0.1cpe:2.3:a:apple:safari:5.0.1:*:*:*:*:*:*:*
applewebkit*cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*
applemac_os_x10.5cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*
applemac_os_x10.5.0cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*
applemac_os_x10.5.1cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*
applemac_os_x10.5.2cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*
applemac_os_x10.5.3cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*
applemac_os_x10.5.4cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apple	safari	*	cpe:2.3:a:apple:safari::::::::
apple	safari	5.0	cpe:2.3:a:apple:safari:5.0:::::::*
apple	safari	5.0.1	cpe:2.3:a:apple:safari:5.0.1:::::::*
apple	webkit	*	cpe:2.3:a:apple:webkit::::::::
apple	mac_os_x	10.5	cpe:2.3:o:apple:mac_os_x:10.5:::::::*
apple	mac_os_x	10.5.0	cpe:2.3:o:apple:mac_os_x:10.5.0:::::::*
apple	mac_os_x	10.5.1	cpe:2.3:o:apple:mac_os_x:10.5.1:::::::*
apple	mac_os_x	10.5.2	cpe:2.3:o:apple:mac_os_x:10.5.2:::::::*
apple	mac_os_x	10.5.3	cpe:2.3:o:apple:mac_os_x:10.5.3:::::::*
apple	mac_os_x	10.5.4	cpe:2.3:o:apple:mac_os_x:10.5.4:::::::*