{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-06-08T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "The Private Browsing feature in Apple Safari before 4.0 on Windows does not remove cookies from the alternate cookie store in unspecified circumstances upon (1) disabling of the feature or (2) exit of the application, which makes it easier for remote web servers to track users via a cookie."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2009-06-19T09:00:00.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "APPLE-SA-2009-06-08-1", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"}, {"name": "35260", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/35260"}, {"name": "ADV-2009-1522", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/1522"}, {"name": "54997", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/54997"}, {"name": "35379", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35379"}, {"name": "35346", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/35346"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT3613"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-1706", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Private Browsing feature in Apple Safari before 4.0 on Windows does not remove cookies from the alternate cookie store in unspecified circumstances upon (1) disabling of the feature or (2) exit of the application, which makes it easier for remote web servers to track users via a cookie."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "APPLE-SA-2009-06-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"}, {"name": "35260", "refsource": "BID", "url": "http://www.securityfocus.com/bid/35260"}, {"name": "ADV-2009-1522", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1522"}, {"name": "54997", "refsource": "OSVDB", "url": "http://osvdb.org/54997"}, {"name": "35379", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35379"}, {"name": "35346", "refsource": "BID", "url": "http://www.securityfocus.com/bid/35346"}, {"name": "http://support.apple.com/kb/HT3613", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT3613"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T05:20:35.192Z"}, "title": "CVE Program Container", "references": [{"name": "APPLE-SA-2009-06-08-1", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"}, {"name": "35260", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/35260"}, {"name": "ADV-2009-1522", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2009/1522"}, {"name": "54997", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/54997"}, {"name": "35379", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/35379"}, {"name": "35346", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/35346"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.apple.com/kb/HT3613"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-1706", "datePublished": "2009-06-10T17:37:00.000Z", "dateReserved": "2009-05-20T00:00:00.000Z", "dateUpdated": "2024-08-07T05:20:35.192Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apple:safari:*:-:windows:*:*:*:*:*", "matchCriteriaId": "7E203D81-FABE-4A63-8930-1DA15A86E113", "versionEndIncluding": "3.2.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.0:-:windows:*:*:*:*:*", "matchCriteriaId": "49875E29-AA30-4D96-9ED9-538823DD5E1C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.0.1:-:windows:*:*:*:*:*", "matchCriteriaId": "D6C733F3-F5D4-4CF1-866D-61FF9D81D1B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.0.2:-:windows:*:*:*:*:*", "matchCriteriaId": "C5471735-D9C0-491B-9A6A-07B39AA215CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.0.3:-:windows:*:*:*:*:*", "matchCriteriaId": "1E5C52F3-2109-40FD-9945-A9A9D42C076E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.0.4:-:windows:*:*:*:*:*", "matchCriteriaId": "151DEB6D-5857-4B0B-8449-5735768024A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.1:-:windows:*:*:*:*:*", "matchCriteriaId": "AC7E7F65-8F3B-42F8-8B2D-9EA1CC4A4300", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.1.1:-:windows:*:*:*:*:*", "matchCriteriaId": "476EBE1F-66E1-4EF5-8344-BEDA97F306A4", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.1.2:-:windows:*:*:*:*:*", "matchCriteriaId": "480ED2AC-0DA4-44DA-A902-8534335077B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.2:-:windows:*:*:*:*:*", "matchCriteriaId": "77F31F4B-5305-4D75-9277-95EF99A969A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.2.1:-:windows:*:*:*:*:*", "matchCriteriaId": "C9AD216D-0C95-4843-A1A1-C3C9A6219277", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.2.2:-:windows:*:*:*:*:*", "matchCriteriaId": "04B8652D-BE06-49CB-A636-8B53B2DF9168", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Private Browsing feature in Apple Safari before 4.0 on Windows does not remove cookies from the alternate cookie store in unspecified circumstances upon (1) disabling of the feature or (2) exit of the application, which makes it easier for remote web servers to track users via a cookie."}, {"lang": "es", "value": "La caracter\u00edstica de Navegaci\u00f3n Privada de Apple Safari anterior a v4.0 en Windows no elimina las cookies del almacenamiento de cookies alternativo en circunstancias no especificadas en relaci\u00f3n con (1) la desactivaci\u00f3n de la caracter\u00edstica o (2) la salida de la aplicaci\u00f3n, esto hace que sea m\u00e1s sencillo a los servidores Web remotos seguir a los usuarios mediante una cookie."}], "id": "CVE-2009-1706", "lastModified": "2026-04-23T00:35:47.467", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-06-10T18:00:00.670", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/54997"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/35379"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://support.apple.com/kb/HT3613"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch"], "url": "http://www.securityfocus.com/bid/35260"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/35346"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2009/1522"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/54997"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/35379"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://support.apple.com/kb/HT3613"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "http://www.securityfocus.com/bid/35260"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/35346"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2009/1522"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}