Lucene search

K

AppleCVELIST:CVE-2010-3804

HistoryNov 20, 2010 - 9:00 p.m.

CVE-2010-3804

2010-11-2021:00:00

apple

www.cve.org

35

AI Score

8.9

Confidence

High

EPSS

0.021

Percentile

89.1%

The JavaScript implementation in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, uses a weak algorithm for generating values of random numbers, which makes it easier for remote attackers to track a user by predicting a value, a related issue to CVE-2008-5913 and CVE-2010-3171.

References

lists.apple.com/archives/security-announce/2010//Nov/msg00002.html

lists.apple.com/archives/security-announce/2010//Nov/msg00003.html

lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

secunia.com/advisories/42314

secunia.com/advisories/43068

support.apple.com/kb/HT4455

support.apple.com/kb/HT4456

www.vupen.com/english/advisories/2010/3046

www.vupen.com/english/advisories/2011/0212

exchange.xforce.ibmcloud.com/vulnerabilities/63347

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11495

AI Score

8.9

Confidence

High

EPSS

0.021

Percentile

89.1%

Related for CVELIST:CVE-2010-3804

cve5 ubuntucve5 prion5 nvd5 mozilla1 cvelist4 nessus41 securityvulns6 veracode1 openvas66 exploitdb3 seebug1 fedora16 ubuntu6 redhat2 suse1 oraclelinux2 centos2 freebsd1 debian2 gentoo1