Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2010-3810
HistoryNov 22, 2010 - 1:00 p.m.

CVE-2010-3810

2010-11-2213:00:18
[email protected]
web.nvd.nist.gov
33
cve-2010-3810
webkit
apple safari
cross-origin attack
security vulnerability
nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

7.8 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.5%

JSON

WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly handle the History object, which allows remote attackers to spoof the location bar’s URL or add URLs to the history via a cross-origin attack.

Affected configurations

NVD
Node
applesafariRange5.0.2
OR
applesafariMatch5.0
OR
applesafariMatch5.0.1
OR
applewebkit
AND
applemac_os_xMatch10.5
OR
applemac_os_xMatch10.5.0
OR
applemac_os_xMatch10.5.1
OR
applemac_os_xMatch10.5.2
OR
applemac_os_xMatch10.5.3
OR
applemac_os_xMatch10.5.4
OR
applemac_os_xMatch10.5.5
OR
applemac_os_xMatch10.5.6
OR
applemac_os_xMatch10.5.7
OR
applemac_os_xMatch10.5.8
OR
applemac_os_xMatch10.6.0
OR
applemac_os_xMatch10.6.1
OR
applemac_os_xMatch10.6.2
OR
applemac_os_xMatch10.6.3
OR
applemac_os_xMatch10.6.4
OR
applemac_os_xMatch10.6.5
OR
applemac_os_x_serverMatch10.5
OR
applemac_os_x_serverMatch10.5.0
OR
applemac_os_x_serverMatch10.5.1
OR
applemac_os_x_serverMatch10.5.2
OR
applemac_os_x_serverMatch10.5.3
OR
applemac_os_x_serverMatch10.5.4
OR
applemac_os_x_serverMatch10.5.5
OR
applemac_os_x_serverMatch10.5.6
OR
applemac_os_x_serverMatch10.5.7
OR
applemac_os_x_serverMatch10.5.8
OR
applemac_os_x_serverMatch10.6.0
OR
applemac_os_x_serverMatch10.6.1
OR
applemac_os_x_serverMatch10.6.2
OR
applemac_os_x_serverMatch10.6.3
OR
applemac_os_x_serverMatch10.6.4
OR
applemac_os_x_serverMatch10.6.5
OR
microsoftwindows_7
OR
microsoftwindows_vista
OR
microsoftwindows_xpsp2
Node
applesafariRange4.1.2
OR
applesafariMatch1.0
OR
applesafariMatch1.0beta
OR
applesafariMatch1.0beta2
OR
applesafariMatch1.0.0
OR
applesafariMatch1.0.0b1
OR
applesafariMatch1.0.0b2
OR
applesafariMatch1.0.1
OR
applesafariMatch1.0.2
OR
applesafariMatch1.0.3
OR
applesafariMatch1.0.385.8
OR
applesafariMatch1.0.385.8.1
OR
applesafariMatch1.1
OR
applesafariMatch1.1.0
OR
applesafariMatch1.1.1
OR
applesafariMatch1.2
OR
applesafariMatch1.2.0
OR
applesafariMatch1.2.1
OR
applesafariMatch1.2.2
OR
applesafariMatch1.2.3
OR
applesafariMatch1.2.4
OR
applesafariMatch1.2.5
OR
applesafariMatch1.3
OR
applesafariMatch1.3.0
OR
applesafariMatch1.3.1
OR
applesafariMatch1.3.2
OR
applesafariMatch1.3.2312.5
OR
applesafariMatch1.3.2312.6
OR
applesafariMatch2
OR
applesafariMatch2.0
OR
applesafariMatch2.0.0
OR
applesafariMatch2.0.1
OR
applesafariMatch2.0.2
OR
applesafariMatch2.0.3
OR
applesafariMatch2.0.3417.8
OR
applesafariMatch2.0.3417.9
OR
applesafariMatch2.0.3417.9.2
OR
applesafariMatch2.0.3417.9.3
OR
applesafariMatch2.0.4
OR
applesafariMatch3
OR
applesafariMatch3.0
OR
applesafariMatch3.0.0
OR
applesafariMatch3.0.0b
OR
applesafariMatch3.0.1
OR
applesafariMatch3.0.1b
OR
applesafariMatch3.0.2
OR
applesafariMatch3.0.2b
OR
applesafariMatch3.0.3
OR
applesafariMatch3.0.3b
OR
applesafariMatch3.0.4
OR
applesafariMatch3.0.4b
OR
applesafariMatch3.1.0
OR
applesafariMatch3.1.0b
OR
applesafariMatch3.1.1
OR
applesafariMatch3.1.2
OR
applesafariMatch3.2.0
OR
applesafariMatch3.2.1
OR
applesafariMatch3.2.2
OR
applesafariMatch4.1
OR
applesafariMatch4.1.1
OR
applewebkit
AND
applemac_os_xMatch10.4
OR
applemac_os_xMatch10.4.0
OR
applemac_os_xMatch10.4.1
OR
applemac_os_xMatch10.4.2
OR
applemac_os_xMatch10.4.3
OR
applemac_os_xMatch10.4.4
OR
applemac_os_xMatch10.4.5
OR
applemac_os_xMatch10.4.6
OR
applemac_os_xMatch10.4.7
OR
applemac_os_xMatch10.4.8
OR
applemac_os_xMatch10.4.9
OR
applemac_os_xMatch10.4.10
OR
applemac_os_xMatch10.4.11
OR
applemac_os_x_serverMatch10.4
OR
applemac_os_x_serverMatch10.4.0
OR
applemac_os_x_serverMatch10.4.1
OR
applemac_os_x_serverMatch10.4.2
OR
applemac_os_x_serverMatch10.4.3
OR
applemac_os_x_serverMatch10.4.4
OR
applemac_os_x_serverMatch10.4.5
OR
applemac_os_x_serverMatch10.4.6
OR
applemac_os_x_serverMatch10.4.7
OR
applemac_os_x_serverMatch10.4.8
OR
applemac_os_x_serverMatch10.4.9
OR
applemac_os_x_serverMatch10.4.10
OR
applemac_os_x_serverMatch10.4.11

Related

cvelist 1
ubuntucve 1
prion 1
nvd 1
openvas 2
securityvulns 1
nessus 4
cvelist
cvelist
CVE-2010-3810
2010-11-20 21:00:00
ubuntucve
ubuntucve
CVE-2010-3810
2010-11-22 00:00:00
prion
prion
Cross site scripting
2010-11-22 13:00:00
nvd
nvd
CVE-2010-3810
2010-11-22 13:00:18
openvas
openvas
Apple Safari Webkit Multiple Vulnerabilities - Nov10
2010-11-23 00:00:00
Apple Safari Webkit < 5.0.3 Multiple Vulnerabilities (HT4455)
2010-11-23 00:00:00
securityvulns
securityvulns
About the security content of Safari 5.0.3 and Safari 4.1.3
2010-11-20 00:00:00
nessus
nessus
Safari < 5.0.3 Multiple Vulnerabilities
2010-11-18 00:00:00
Mac OS X : Apple Safari < 5.0.3 / 4.1.3
2010-11-18 00:00:00
openSUSE Security Update : libwebkit (openSUSE-SU-2011:0024-1)
2014-06-13 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

7.8 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.5%

JSON
Related for CVE-2010-3810
cvelist1ubuntucve1prion1nvd1openvas2securityvulns1nessus4