CVE-2011-0159
Time Line
Published
2024-03-19
Updated
2024-03-19
Firt exploit
2024-03-19
Overview
Descriptions (2)
NVD, NVD
CWE (1)
CWE-20: Improper Input Validation
CAPEC (-)
Risk
CVSS Score
4.3 Medium
SSVC
-
KEV
-
EPSS
0.3%
Affected Products (-)
Vendors (1)
apple
Products (1)
iphone_os
Versions (3)
4.0, 4.1, 4.2
Intel Resources (-)
Advisories (-)
-
Exploits (-)
-
Plugins (-)
-
References (4)
General (2)
securityfocus, securitytracker
Exploits & POcs (-)
Patches (-)
Advisories (2)
apple
Summary
Descriptions
The Safari Settings feature in Safari in Apple iOS 4.x before 4.3 does not properly implement the clearing of cookies during execution of the Safari application, which might make it easier for remote web servers to track users by setting a cookie.
La característica de Configuración de Safari en Safari en Apple iOS v4.x antes de v4.3 no aplica adecuadamente la limpieza de cookies durante la ejecución de la aplicación Safari, lo que podría facilitar a los servidores Web remotos rastrear a los usuarios mediante el establecimiento de una "cookie".
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2010-12-23 CVE Reserved
- 2011-03-11 CVE Published
- 2024-03-27 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
Threat Intelligence Resources (0)
| Select | Title | Date |
|---|
Security Advisory details:
Select an advisory to view details here.
| Select | Title | Date |
|---|
Select an exploit to view details here.
References (4)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/46810 | Vdb Entry | |
| http://www.securitytracker.com/id?1025182 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html | 2011-03-31 | |
| http://support.apple.com/kb/HT4564 | 2011-03-31 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 4.0 Search vendor "Apple" for product "Iphone Os" and version "4.0" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 4.1 Search vendor "Apple" for product "Iphone Os" and version "4.1" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 4.2 Search vendor "Apple" for product "Iphone Os" and version "4.2" | - |
Affected
| ||||||