CVE-2009-1707

CVSS V2 Low 1.2 CVSS V3 None
Description
Race condition in the Reset Safari implementation in Apple Safari before 4.0 on Windows might allow local users to read stored web-site passwords via unspecified vectors.
Overview
  • CVE ID
  • CVE-2009-1707
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Modified
  • Published Version
  • 2009-06-10T18:00:00
  • Last Modified Date
  • 2010-12-10T06:30:57
Weakness Enumerations
CWE URL
CWE-362 http://cwe.mitre.org/data/definitions/362.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:apple:safari:*:*:windows:*:*:*:*:* 1 OR 3.2.3
cpe:2.3:a:apple:safari:3.0:*:windows:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:3.0.1:*:windows:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:3.0.2:*:windows:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:3.0.3:*:windows:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:3.0.4:*:windows:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:3.1:*:windows:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:3.1.1:*:windows:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:3.1.2:*:windows:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:3.2:*:windows:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:3.2.1:*:windows:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:3.2.2:*:windows:*:*:*:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:L/AC:H/Au:N/C:P/I:N/A:N
  • Access Vector
  • LOCAL
  • Access Compatibility
  • HIGH
  • Authentication
  • NONE
  • Confidentiality Impact
  • PARTIAL
  • Integrity Impact
  • NONE
  • Availability Impact
  • NONE
  • Base Score
  • 1.2
  • Severity
  • LOW
  • Exploitability Score
  • 1.9
  • Impact Score
  • 2.9
References
Reference URL Reference Tags
http://support.apple.com/kb/HT3613 Patch Vendor Advisory
http://www.vupen.com/english/advisories/2009/1522 Patch Vendor Advisory
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html Patch Vendor Advisory
http://secunia.com/advisories/35379 Vendor Advisory
http://www.securityfocus.com/bid/35260 Exploit
http://www.securityfocus.com/bid/35352
http://osvdb.org/55012
http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html
http://support.apple.com/kb/HT4456
http://www.vupen.com/english/advisories/2010/3046
http://secunia.com/advisories/42314
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2009-1707
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1707
History
Created Old Value New Value Data Type Notes
2022-05-10 11:08:03 Added to TrackCVE