mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-06-19 17:31:42 +00:00
102 lines
2.9 KiB
JSON
102 lines
2.9 KiB
JSON
{
|
|
"id": "CVE-2010-0314",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2010-01-14T19:30:00.670",
|
|
"lastModified": "2011-03-18T02:46:10.130",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Apple Safari allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets[0].href property value."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Apple Safari permite a atacantes remotos descubrir una redirecci\u00f3n URL para la sesi\u00f3n de un usuario espec\u00edfico de un sitio web, sustituyendo la URL del sitio en el atributo HREF de un elemento stylesheet LINK, y despu\u00e9s leyendo el valor de la propiedad document.styleSheets[0].href."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 5.0
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-Other"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AE370CAA-04B3-434E-BD5B-1D87DE596C10"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://nomoreroot.blogspot.com/2010/01/little-bug-in-safari-and-google-chrome.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/41856",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.ubuntu.com/usn/USN-1006-1",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2010/2722",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2011/0552",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |