Lucene search

PRIOn knowledge basePRION:CVE-2009-2199

HistoryAug 12, 2009 - 7:30 p.m.

Design/Logic Flaw

2009-08-1219:30:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

Low

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

0.005 Low

EPSS

Percentile

76.8%

JSON

Incomplete blacklist vulnerability in WebKit in Apple Safari before 4.0.3, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, via unspecified homoglyphs.

CPENameOperatorVersion
iphone_osle3.0.1
iphone_oseq1.0.0
iphone_oseq1.0.1
iphone_oseq1.0.2
iphone_oseq1.1.0
iphone_oseq1.1.1
iphone_oseq1.1.2
iphone_oseq1.1.3
iphone_oseq1.1.4
iphone_oseq1.1.5

Name	Operator	Version
iphone_os	le	3.0.1
iphone_os	eq	1.0.0
iphone_os	eq	1.0.1
iphone_os	eq	1.0.2
iphone_os	eq	1.1.0
iphone_os	eq	1.1.1
iphone_os	eq	1.1.2
iphone_os	eq	1.1.3
iphone_os	eq	1.1.4
iphone_os	eq	1.1.5

Rows per page:

1-10 of 721

References

lists.apple.com/archives/security-announce/2009/Aug/msg00002.html

lists.apple.com/archives/security-announce/2009/Sep/msg00001.html

lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

secunia.com/advisories/36677

secunia.com/advisories/43068

support.apple.com/kb/HT3733

support.apple.com/kb/HT3860

www.securityfocus.com/bid/36026

www.securitytracker.com/id?1022719

www.vupen.com/english/advisories/2011/0212

6.6 Medium

AI Score

Confidence

Low

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

0.005 Low

EPSS

Percentile

76.8%

JSON

Related for PRION:CVE-2009-2199