Lucene search

[email protected]CVE-2011-0159

HistoryMar 11, 2011 - 10:55 p.m.

CVE-2011-0159

2011-03-1122:55:02

CWE-20

[email protected]

web.nvd.nist.gov

safari

apple

ios

cve-2011-0159

security

web servers

tracking

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.8%

JSON

The Safari Settings feature in Safari in Apple iOS 4.x before 4.3 does not properly implement the clearing of cookies during execution of the Safari application, which might make it easier for remote web servers to track users by setting a cookie.

Affected configurations

NVD

Node

appleiphone_osMatch4.0

appleiphone_osMatch4.1

appleiphone_osMatch4.2

CPENameOperatorVersion
apple:iphone_osapple iphone oseq4.0
apple:iphone_osapple iphone oseq4.1
apple:iphone_osapple iphone oseq4.2

CPE	Name	Operator	Version
apple:iphone_os	apple iphone os	eq	4.0
apple:iphone_os	apple iphone os	eq	4.1
apple:iphone_os	apple iphone os	eq	4.2

References

lists.apple.com/archives/security-announce/2011//Mar/msg00003.html

support.apple.com/kb/HT4564

www.securityfocus.com/bid/46810

www.securitytracker.com/id?1025182

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.8%

JSON

Related for CVE-2011-0159

nvd1 prion1 cvelist1