cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*
The Private Browsing feature in Apple Safari before 5.1.1 on Mac OS X does not properly recognize the Always value of the Block Cookies setting, which makes it easier for remote web servers to track users via a cookie.
Max CVSS
5.0
EPSS Score
0.18%
Published
2011-10-14
Updated
2017-08-29
Google Chrome before 13.0.782.107 allows remote attackers to obtain potentially sensitive information about client-side redirect targets via a crafted web site.
Max CVSS
4.3
EPSS Score
0.70%
Published
2011-08-03
Updated
2020-05-20
The Web Workers implementation in Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak."
Max CVSS
5.0
EPSS Score
0.57%
Published
2011-03-11
Updated
2020-06-02
WebKit in Apple Safari before 5.0.6 allows user-assisted remote attackers to read arbitrary files via vectors related to improper canonicalization of URLs within RSS feeds.
Max CVSS
4.3
EPSS Score
0.18%
Published
2011-07-21
Updated
2011-07-22
Apple Safari before 5.0.6 provides AutoFill information to scripts that execute before HTML form submission, which allows remote attackers to obtain Address Book information via a crafted form, as demonstrated by a form that includes non-visible fields.
Max CVSS
4.3
EPSS Score
0.18%
Published
2011-07-21
Updated
2011-07-22
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!