Vulnerability Details CVE-2009-2196
Unspecified vulnerability in Apple Safari 4 before 4.0.3 allows remote web servers to place an arbitrary web site in the Top Sites view, and possibly conduct phishing attacks, via unknown vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.169
EPSS Ranking 94.7%
CVSS Severity
CVSS v2 Score 5.0
References
- http://lists.apple.com/archives/security-announce/2009/Aug/msg00002.html
- http://support.apple.com/kb/HT3733
- http://www.securityfocus.com/bid/36022
- http://www.securitytracker.com/id?1022718
- http://lists.apple.com/archives/security-announce/2009/Aug/msg00002.html
- http://support.apple.com/kb/HT3733
- http://www.securityfocus.com/bid/36022
- http://www.securitytracker.com/id?1022718
Products affected by CVE-2009-2196
-
cpe:2.3:a:apple:safari:4.0
-
cpe:2.3:a:apple:safari:4.0.1
-
cpe:2.3:a:apple:safari:4.0.2
-
cpe:2.3:o:apple:mac_os_x:10.4.
-
cpe:2.3:o:apple:mac_os_x:10.5.7
-
cpe:2.3:o:apple:mac_os_x:10.5.8
-
cpe:2.3:o:apple:mac_os_x_server:10.4.11
-
cpe:2.3:o:apple:mac_os_x_server:10.5.7
-
cpe:2.3:o:apple:mac_os_x_server:10.5.8
-
cpe:2.3:o:microsoft:windows_vista:-
-
cpe:2.3:o:microsoft:windows_xp:-
-
cpe:2.3:o:microsoft:windows_xp:sp2
-
cpe:2.3:o:microsoft:windows_xp:sp3
-
cpe:2.3:o:microsoft:windows_xp:unknown