CVE-2010-1796

The AutoFill feature in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to obtain sensitive Address Book Card information via JavaScript code that forces keystroke events for input fields.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
2.6 UNKNOWN
NETWORK
HIGH
AV:N/AC:H/Au:N/C:P/I:N/A:N
appleCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 57%
VendorProductVersion
applesafari
𝑥
≤ 5.0
applesafari
4.0
applesafari
4.0.0b:b
applesafari
4.0.1
applesafari
4.0.2
applesafari
4.0.3
applesafari
4.0.4
applesafari
4.0.5
applewebkit
*
applesafari
𝑥
≤ 4.1
applesafari
4.0
applesafari
4.0.0b:b
applesafari
4.0.1
applesafari
4.0.2
applesafari
4.0.3
applesafari
4.0.4
applesafari
4.0.5
applewebkit
*
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chromium-browser
maverick
ignored
lucid
ignored
karmic
dne
jaunty
dne
hardy
dne
dapper
dne
qt4-x11
maverick
not-affected
lucid
not-affected
karmic
not-affected
jaunty
not-affected
hardy
not-affected
dapper
not-affected
webkit
maverick
not-affected
lucid
not-affected
karmic
not-affected
jaunty
not-affected
hardy
not-affected
dapper
dne
Common Weakness Enumeration
References
http://lists.apple.com/archives/security-announce/2010//Jul/msg00001.html
http://support.apple.com/kb/HT4276
http://www.securityfocus.com/bid/42020
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11112
http://lists.apple.com/archives/security-announce/2010//Jul/msg00001.html
http://support.apple.com/kb/HT4276
http://www.securityfocus.com/bid/42020
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11112