Описание
The Private Browsing feature in Apple Safari before 4.0 on Windows does not remove cookies from the alternate cookie store in unspecified circumstances upon (1) disabling of the feature or (2) exit of the application, which makes it easier for remote web servers to track users via a cookie.
Ссылки
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
- ExploitPatch
- PatchVendor Advisory
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
- ExploitPatch
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.2.3 (включая)
Одно из
cpe:2.3:a:apple:safari:*:-:windows:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0:-:windows:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.1:-:windows:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.2:-:windows:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.3:-:windows:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.4:-:windows:*:*:*:*:*
cpe:2.3:a:apple:safari:3.1:-:windows:*:*:*:*:*
cpe:2.3:a:apple:safari:3.1.1:-:windows:*:*:*:*:*
cpe:2.3:a:apple:safari:3.1.2:-:windows:*:*:*:*:*
cpe:2.3:a:apple:safari:3.2:-:windows:*:*:*:*:*
cpe:2.3:a:apple:safari:3.2.1:-:windows:*:*:*:*:*
cpe:2.3:a:apple:safari:3.2.2:-:windows:*:*:*:*:*
EPSS
Процентиль: 66%
0.00515
Низкий
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
почти 4 года назад
The Private Browsing feature in Apple Safari before 4.0 on Windows does not remove cookies from the alternate cookie store in unspecified circumstances upon (1) disabling of the feature or (2) exit of the application, which makes it easier for remote web servers to track users via a cookie.
EPSS
Процентиль: 66%
0.00515
Низкий
5 Medium
CVSS2
Дефекты
CWE-200