Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1706

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2009-1706
Last Modified 19 Jun 2009 01:32:05
Published 10 Jun 2009 02:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-1706

Summary

The Private Browsing feature in Apple Safari before 4.0 on Windows does not remove cookies from the alternate cookie store in unspecified circumstances upon (1) disabling of the feature or (2) exit of the application, which makes it easier for remote web servers to track users via a cookie.

Vulnerable Systems

Application

  • Apple Safari 3.0

  • Apple Safari 3.0.1

  • Apple Safari 3.0.2

  • Apple Safari 3.0.3

  • Apple Safari 3.0.4

  • Apple Safari 3.1

  • Apple Safari 3.1.1

  • Apple Safari 3.1.2

  • Apple Safari 3.2

  • Apple Safari 3.2.1

  • Apple Safari 3.2.2

  • Apple Safari 3.2.3


References

VUPEN - ADV-2009-1522

BID - 35260

CONFIRM - http://support.apple.com/kb/HT3613

APPLE - APPLE-SA-2009-06-08-1

BID - 35346

SECUNIA - 35379

OSVDB - 54997


Last Updated: 27 May 2016 10:50:38