Back to search
CVE-2010-1384
Published: Jun 11, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not provide a warning about a (1) http or (2) https URL that contains a username and password, which makes it easier for remote attackers to conduct phishing attacks via a crafted URL.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://support.apple.com/kb/HT4225
x_refsource_CONFIRM
APPLE-SA-2010-06-07-1
vendor-advisory
x_refsource_APPLE
JVNDB-2010-001538
third-party-advisory
x_refsource_JVNDB
40105
third-party-advisory
x_refsource_SECUNIA
ADV-2010-1373
vdb-entry
x_refsource_VUPEN
42314
third-party-advisory
x_refsource_SECUNIA
40620
vdb-entry
x_refsource_BID
oval:org.mitre.oval:def:6812
vdb-entry
signature
x_refsource_OVAL
http://support.apple.com/kb/HT4456
x_refsource_CONFIRM
1024067
vdb-entry
x_refsource_SECTRACK
http://support.apple.com/kb/HT4196
x_refsource_CONFIRM
JVN#46026251
third-party-advisory
x_refsource_JVN
APPLE-SA-2010-06-21-1
vendor-advisory
x_refsource_APPLE
APPLE-SA-2010-11-22-1
vendor-advisory
x_refsource_APPLE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now