CVE-2010-1407

Loading...

General

Score:4.3/10.0
Severity:Low
Category:Information Leak / Disclosure

Impact Metrics

Confidentiality:Partial
Integrity:None
Availability:None

Exploitability Metrics

Access Vector:Network
Access Complexity:Medium
Authentication:None

Relative vulnerabilities

CVE-2009-0689, CVE-2009-1707, CVE-2009-1723, CVE-2009-2195, CVE-2009-2414, CVE-2009-2416, CVE-2009-2816, CVE-2010-0041, CVE-2010-0042, CVE-2010-0043, CVE-2010-0046, CVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050, CVE-2010-0051, CVE-2010-0052, CVE-2010-0053, CVE-2010-0054, CVE-2010-0544, CVE-2010-1119, CVE-2010-1205, CVE-2010-1384, CVE-2010-1387, CVE-2010-1389, CVE-2010-1390, CVE-2010-1391, CVE-2010-1392, CVE-2010-1393, CVE-2010-1394, CVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398, CVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402, CVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1406, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410, CVE-2010-1413, CVE-2010-1414, CVE-2010-1415, CVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1421, CVE-2010-1422, CVE-2010-1751, CVE-2010-1752, CVE-2010-1753, CVE-2010-1754, CVE-2010-1755, CVE-2010-1756, CVE-2010-1757, CVE-2010-1758, CVE-2010-1759, CVE-2010-1761, CVE-2010-1762, CVE-2010-1764, CVE-2010-1769, CVE-2010-1770, CVE-2010-1771, CVE-2010-1774, CVE-2010-1775, CVE-2010-1780, CVE-2010-1781, CVE-2010-1782, CVE-2010-1783, CVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787, CVE-2010-1788, CVE-2010-1789, CVE-2010-1791, CVE-2010-1793, CVE-2010-1806, CVE-2010-1807, CVE-2010-1811, CVE-2010-1812, CVE-2010-1813, CVE-2010-1814, CVE-2010-1815, CVE-2010-1822, CVE-2010-1843, CVE-2010-2249, CVE-2010-2805, CVE-2010-2806, CVE-2010-2807, CVE-2010-2808, CVE-2010-3053, CVE-2010-3054, CVE-2010-3116, CVE-2010-3257, CVE-2010-3259, CVE-2010-3786, CVE-2010-3803, CVE-2010-3804, CVE-2010-3805, CVE-2010-3808, CVE-2010-3809, CVE-2010-3810, CVE-2010-3811, CVE-2010-3812, CVE-2010-3813, CVE-2010-3814, CVE-2010-3816, CVE-2010-3817, CVE-2010-3818, CVE-2010-3819, CVE-2010-3820, CVE-2010-3821, CVE-2010-3822, CVE-2010-3823, CVE-2010-3824, CVE-2010-3826, CVE-2010-3827, CVE-2010-3828, CVE-2010-3829, CVE-2010-3830, CVE-2010-3831, CVE-2010-3832, CVE-2010-4008

Published on 22/06/10 - Updated on 17/08/17

Description

WebKit in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the history.replaceState method in certain situations involving IFRAME elements, which allows remote attackers to obtain sensitive information via a crafted HTML document.

Category: Information Leak / Disclosure

CWE-200 (Information Exposure)
An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.

Security Notices

US National Vulnerability DatabaseCVE-2010-1407
Agence Nationale de la Sécurité des Systèmes d'Information CERTA-2010-AVI-280, CERTA-2010-AVI-565
Renater 2010/VULN226, 2010/VULN482

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
appleiphone_os

Share this vulnerability with:

Twitter Facebook LinkedIn Mail