CVE-2009-2192
5.9 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.007 Low
EPSS
Percentile
79.7%
MobileMe in Apple Mac OS X 10.5 before 10.5.8 does not properly delete credentials upon signout from the preference pane, which makes it easier for attackers to hijack a MobileMe session via unspecified vectors, related to a “logic issue.”
References
lists.apple.com/archives/security-announce/2009/Aug/msg00001.html
osvdb.org/56839
secunia.com/advisories/36096
support.apple.com/kb/HT3757
www.securityfocus.com/bid/35954
www.us-cert.gov/cas/techalerts/TA09-218A.html
www.vupen.com/english/advisories/2009/2172
exchange.xforce.ibmcloud.com/vulnerabilities/52432
Social References
More
Related
5.9 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.007 Low
EPSS
Percentile
79.7%