CVE-2011-0159

medium

Description

The Safari Settings feature in Safari in Apple iOS 4.x before 4.3 does not properly implement the clearing of cookies during execution of the Safari application, which might make it easier for remote web servers to track users by setting a cookie.

References

http://www.securitytracker.com/id?1025182

http://www.securityfocus.com/bid/46810

http://support.apple.com/kb/HT4564

http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html

Details

Source: Mitre, NVD

Published: 2011-03-11

Updated: 2011-03-31

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 4.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Severity: Medium