CVE-2010-1386

Severity

99%

Complexity

99%

Confidentiality

165%

page/Geolocation.cpp in WebCore in WebKit before r56188 and before 1.2.5 does not properly restrict access to the lastPosition function, which has unspecified impact and remote attack vectors, aka rdar problem 7746357.

page/Geolocation.cpp in WebCore in WebKit before r56188 and before 1.2.5 does not properly restrict access to the lastPosition function, which has unspecified impact and remote attack vectors, aka rdar problem 7746357.

CVSS 2.0 Base Score 9.9. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C).

Overview

First reported 14 years ago

2010-08-19 22:00:00

Last updated 13 years ago

2011-08-23 04:00:00

Affected Software

Apple WebKit

References

SUSE-SR:2011:002

41856

Vendor Advisory

43068

Vendor Advisory

http://security-tracker.debian.org/tracker/CVE-2010-1386

http://trac.webkit.org/changeset/56188

MDVSA-2011:039

42500

USN-1006-1

ADV-2010-2722

Vendor Advisory

ADV-2011-0212

Vendor Advisory

ADV-2011-0552

Vendor Advisory

https://bugs.webkit.org/show_bug.cgi?id=36255

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.