[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

247213

 
 

909

 
 

194329

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2010-1386Date: (C)2010-08-19   (M)2024-02-09


page/Geolocation.cpp in WebCore in WebKit before r56188 and before 1.2.5 does not properly restrict access to the lastPosition function, which has unspecified impact and remote attack vectors, aka rdar problem 7746357.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 10.0
Exploit Score: 10.0
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECUNIA-41856
BID-42500
SECUNIA-43068
ADV-2010-2722
ADV-2011-0212
ADV-2011-0552
MDVSA-2011:039
SUSE-SR:2011:002
USN-1006-1
http://security-tracker.debian.org/tracker/CVE-2010-1386
http://trac.webkit.org/changeset/56188
https://bugs.webkit.org/show_bug.cgi?id=36255

CPE    1
cpe:/a:apple:webkit
CWE    1
CWE-264
OVAL    7
oval:org.secpod.oval:def:101192
oval:org.secpod.oval:def:100700
oval:org.secpod.oval:def:101238
oval:org.secpod.oval:def:300417
...

© SecPod Technologies