Описание
The Private Browsing feature in Apple Safari before 4.0 on Windows does not remove cookies from the alternate cookie store in unspecified circumstances upon (1) disabling of the feature or (2) exit of the application, which makes it easier for remote web servers to track users via a cookie.
The Private Browsing feature in Apple Safari before 4.0 on Windows does not remove cookies from the alternate cookie store in unspecified circumstances upon (1) disabling of the feature or (2) exit of the application, which makes it easier for remote web servers to track users via a cookie.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2009-1706
- http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
- http://osvdb.org/54997
- http://secunia.com/advisories/35379
- http://support.apple.com/kb/HT3613
- http://www.securityfocus.com/bid/35260
- http://www.securityfocus.com/bid/35346
- http://www.vupen.com/english/advisories/2009/1522
Связанные уязвимости
The Private Browsing feature in Apple Safari before 4.0 on Windows does not remove cookies from the alternate cookie store in unspecified circumstances upon (1) disabling of the feature or (2) exit of the application, which makes it easier for remote web servers to track users via a cookie.