CVE-2009-1696

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 uses predictable random numbers in JavaScript applications, which makes it easier for remote web servers to track the behavior of a Safari user during a session.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 75%
VendorProductVersion
applesafari
𝑥
≤ 4.0_beta
applesafari
0.8
applesafari
0.9
applesafari
1.0
applesafari
1.0.3
applesafari
1.1
applesafari
1.2
applesafari
1.3
applesafari
1.3.1
applesafari
1.3.2
applesafari
2.0
applesafari
2.0.2
applesafari
2.0.4
applesafari
3.0
applesafari
3.0.2
applesafari
3.0.3
applesafari
3.0.4
applesafari
3.1
applesafari
3.1.1
applesafari
3.1.2
applesafari
3.2.1
applesafari
3.2.3
applesafari
𝑥
≤ 3.2.3
applesafari
3.0
applesafari
3.0.1
applesafari
3.0.2
applesafari
3.0.3
applesafari
3.0.4
applesafari
3.1
applesafari
3.1.1
applesafari
3.1.2
applesafari
3.2
applesafari
3.2.1
applesafari
3.2.2
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
qt4-x11
jaunty
not-affected
intrepid
not-affected
hardy
not-affected
dapper
not-affected
webkit
jaunty
not-affected
intrepid
not-affected
hardy
not-affected
dapper
dne
Common Weakness Enumeration
References
http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://osvdb.org/55027
http://secunia.com/advisories/35379
http://secunia.com/advisories/43068
http://support.apple.com/kb/HT3613
http://support.apple.com/kb/HT3639
http://www.securityfocus.com/bid/35260
http://www.vupen.com/english/advisories/2009/1522
http://www.vupen.com/english/advisories/2009/1621
http://www.vupen.com/english/advisories/2011/0212
http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://osvdb.org/55027
http://secunia.com/advisories/35379
http://secunia.com/advisories/43068
http://support.apple.com/kb/HT3613
http://support.apple.com/kb/HT3639
http://www.securityfocus.com/bid/35260
http://www.vupen.com/english/advisories/2009/1522
http://www.vupen.com/english/advisories/2009/1621
http://www.vupen.com/english/advisories/2011/0212