page/Geolocation.cpp in WebCore in WebKit before r56188 and before 1.2.5 does not properly restrict access to the lastPosition function, which has unspecified impact and remote attack vectors, aka rdar problem 7746357.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:14
Type | Values Removed | Values Added |
---|---|---|
References | () http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html - | |
References | () http://secunia.com/advisories/41856 - Vendor Advisory | |
References | () http://secunia.com/advisories/43068 - Vendor Advisory | |
References | () http://security-tracker.debian.org/tracker/CVE-2010-1386 - | |
References | () http://trac.webkit.org/changeset/56188 - | |
References | () http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 - | |
References | () http://www.securityfocus.com/bid/42500 - | |
References | () http://www.ubuntu.com/usn/USN-1006-1 - | |
References | () http://www.vupen.com/english/advisories/2010/2722 - Vendor Advisory | |
References | () http://www.vupen.com/english/advisories/2011/0212 - Vendor Advisory | |
References | () http://www.vupen.com/english/advisories/2011/0552 - Vendor Advisory | |
References | () https://bugs.webkit.org/show_bug.cgi?id=36255 - |
Information
Published : 2010-08-19 22:00
Updated : 2024-11-21 01:14
NVD link : CVE-2010-1386
Mitre link : CVE-2010-1386
CVE.ORG link : CVE-2010-1386
JSON object : View
Products Affected
apple
- webkit
CWE
CWE-264
Permissions, Privileges, and Access Controls