CVE-2011-0159

Published: Mar 11, 2011Modified: Apr 29, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The Safari Settings feature in Safari in Apple iOS 4.x before 4.3 does not properly implement the clearing of cookies during execution of the Safari application, which might make it easier for remote web servers to track users by setting a cookie.

Affected (3)

Products: Apple: Iphone Os

Apple

1 product

Iphone Os

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Apple Iphone Os	Version 4.0
Apple Iphone Os	Version 4.1
Apple Iphone Os	Version 4.2

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (8)

http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html

Source: product-security@apple.com

Vendor Advisory

http://support.apple.com/kb/HT4564

Source: product-security@apple.com

Vendor Advisory

http://www.securityfocus.com/bid/46810

Source: product-security@apple.com

http://www.securitytracker.com/id?1025182

Source: product-security@apple.com

http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://support.apple.com/kb/HT4564

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/46810

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1025182

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.