CVE-2012-0585

Опубликовано: 08 мар. 2012

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The Private Browsing feature in Safari in Apple iOS before 5.1 allows remote attackers to bypass intended privacy settings and insert history entries via JavaScript code that calls the (1) pushState or (2) replaceState method.

Ссылки

http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html
Mailing List
Vendor Advisory
http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html
Mailing List
Vendor Advisory
http://osvdb.org/79964
Broken Link
http://secunia.com/advisories/48288
Third Party Advisory
http://secunia.com/advisories/48377
Third Party Advisory
http://www.securitytracker.com/id?1026774
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/73871
Third Party Advisory
VDB Entry
http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html
Mailing List
Vendor Advisory
http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html
Mailing List
Vendor Advisory
http://osvdb.org/79964
Broken Link
http://secunia.com/advisories/48288
Third Party Advisory
http://secunia.com/advisories/48377
Third Party Advisory
http://www.securitytracker.com/id?1026774
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/73871
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Версия до 5.1 (исключая)

EPSS

Процентиль: 73%

0.00775

Низкий

5 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-9g46-7gm4-v6gc

github

больше 3 лет назад