CVE-2010-0314

Apple Safari allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets[0].href property value.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://nomoreroot.blogspot.com/2010/01/little-bug-in-safari-and-google-chrome.html	Exploit
http://secunia.com/advisories/41856
http://www.mandriva.com/security/advisories?name=MDVSA-2011:039
http://www.ubuntu.com/usn/USN-1006-1
http://www.vupen.com/english/advisories/2010/2722
http://www.vupen.com/english/advisories/2011/0552

Configurations

Configuration 1 (hide)

cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2010-01-14 19:30

Updated : 2011-03-18 02:46

NVD link : CVE-2010-0314

Mitre link : CVE-2010-0314

CVE.ORG link : CVE-2010-0314

JSON object : View

Products Affected

apple

safari

CWE

NVD-CWE-Other

{"id": "CVE-2010-0314", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2010-01-14T19:30:00.670", "references": [{"url": "http://nomoreroot.blogspot.com/2010/01/little-bug-in-safari-and-google-chrome.html", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/41856", "source": "cve@mitre.org"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039", "source": "cve@mitre.org"}, {"url": "http://www.ubuntu.com/usn/USN-1006-1", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2010/2722", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2011/0552", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Apple Safari allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets[0].href property value."}, {"lang": "es", "value": "Apple Safari permite a atacantes remotos descubrir una redirecci\u00f3n URL para la sesi\u00f3n de un usuario espec\u00edfico de un sitio web, sustituyendo la URL del sitio en el atributo HREF de un elemento stylesheet LINK, y despu\u00e9s leyendo el valor de la propiedad document.styleSheets[0].href."}], "lastModified": "2011-03-18T02:46:10.130", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE370CAA-04B3-434E-BD5B-1D87DE596C10"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}