Lucene search

K

AppleCVELIST:CVE-2010-1406

HistoryJun 11, 2010 - 5:28 p.m.

CVE-2010-1406

2010-06-1117:28:00

apple

www.cve.org

4

AI Score

8.4

Confidence

High

EPSS

0.006

Percentile

79.1%

WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, sends an https URL in the Referer header of an http request in certain circumstances involving https to http redirection, which allows remote HTTP servers to obtain potentially sensitive information via standard HTTP logging, a related issue to CVE-2010-0660.

References

lists.apple.com/archives/security-announce/2010/Jun/msg00000.html

lists.apple.com/archives/security-announce/2010/Jun/msg00003.html

lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

secunia.com/advisories/40105

secunia.com/advisories/41856

secunia.com/advisories/43068

securitytracker.com/id?1024067

support.apple.com/kb/HT4196

support.apple.com/kb/HT4225

www.mandriva.com/security/advisories?name=MDVSA-2011:039

www.securityfocus.com/bid/40620

www.ubuntu.com/usn/USN-1006-1

www.vupen.com/english/advisories/2010/1373

www.vupen.com/english/advisories/2010/2722

www.vupen.com/english/advisories/2011/0212

www.vupen.com/english/advisories/2011/0552

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7197

AI Score

8.4

Confidence

High

EPSS

0.006

Percentile

79.1%

Related for CVELIST:CVE-2010-1406

nvd2 cve2 ubuntucve2 debiancve2 prion2 cvelist1 openvas7 nessus9 securityvulns2