{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-11-18T00:00:00", "descriptions": [{"lang": "en", "value": "The WebCore::HTMLLinkElement::process function in WebCore/html/HTMLLinkElement.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products does not verify whether DNS prefetching is enabled when processing an HTML LINK element, which allows remote attackers to bypass intended access restrictions, as demonstrated by an HTML e-mail message that uses a LINK element for X-Confirm-Reading-To functionality."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-18T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple"}, "references": [{"name": "MDVSA-2011:039", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"}, {"name": "FEDORA-2011-0121", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052906.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=667024"}, {"name": "43068", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/43068"}, {"tags": ["x_refsource_MISC"], "url": "http://trac.webkit.org/changeset/63622"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT4455"}, {"name": "ADV-2011-0212", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0212"}, {"name": "ADV-2010-3046", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/3046"}, {"name": "ADV-2011-0216", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0216"}, {"name": "oval:org.mitre.oval:def:12293", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12293"}, {"name": "43086", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/43086"}, {"name": "SUSE-SR:2011:002", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"}, {"name": "APPLE-SA-2010-11-18-1", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html"}, {"name": "42314", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/42314"}, {"name": "RHSA-2011:0177", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0177.html"}, {"name": "ADV-2011-0552", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0552"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT4456"}, {"tags": ["x_refsource_MISC"], "url": "https://bugs.webkit.org/show_bug.cgi?id=42500"}, {"name": "APPLE-SA-2010-11-22-1", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "product-security@apple.com", "ID": "CVE-2010-3813", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The WebCore::HTMLLinkElement::process function in WebCore/html/HTMLLinkElement.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products does not verify whether DNS prefetching is enabled when processing an HTML LINK element, which allows remote attackers to bypass intended access restrictions, as demonstrated by an HTML e-mail message that uses a LINK element for X-Confirm-Reading-To functionality."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "MDVSA-2011:039", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"}, {"name": "FEDORA-2011-0121", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052906.html"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=667024", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=667024"}, {"name": "43068", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43068"}, {"name": "http://trac.webkit.org/changeset/63622", "refsource": "MISC", "url": "http://trac.webkit.org/changeset/63622"}, {"name": "http://support.apple.com/kb/HT4455", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4455"}, {"name": "ADV-2011-0212", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0212"}, {"name": "ADV-2010-3046", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/3046"}, {"name": "ADV-2011-0216", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0216"}, {"name": "oval:org.mitre.oval:def:12293", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12293"}, {"name": "43086", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43086"}, {"name": "SUSE-SR:2011:002", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"}, {"name": "APPLE-SA-2010-11-18-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html"}, {"name": "42314", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/42314"}, {"name": "RHSA-2011:0177", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2011-0177.html"}, {"name": "ADV-2011-0552", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0552"}, {"name": "http://support.apple.com/kb/HT4456", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4456"}, {"name": "https://bugs.webkit.org/show_bug.cgi?id=42500", "refsource": "MISC", "url": "https://bugs.webkit.org/show_bug.cgi?id=42500"}, {"name": "APPLE-SA-2010-11-22-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T03:26:11.100Z"}, "title": "CVE Program Container", "references": [{"name": "MDVSA-2011:039", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"}, {"name": "FEDORA-2011-0121", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052906.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=667024"}, {"name": "43068", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/43068"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://trac.webkit.org/changeset/63622"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.apple.com/kb/HT4455"}, {"name": "ADV-2011-0212", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0212"}, {"name": "ADV-2010-3046", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/3046"}, {"name": "ADV-2011-0216", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0216"}, {"name": "oval:org.mitre.oval:def:12293", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12293"}, {"name": "43086", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/43086"}, {"name": "SUSE-SR:2011:002", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"}, {"name": "APPLE-SA-2010-11-18-1", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html"}, {"name": "42314", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/42314"}, {"name": "RHSA-2011:0177", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0177.html"}, {"name": "ADV-2011-0552", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0552"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.apple.com/kb/HT4456"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugs.webkit.org/show_bug.cgi?id=42500"}, {"name": "APPLE-SA-2010-11-22-1", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"}]}]}, "cveMetadata": {"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2010-3813", "datePublished": "2010-11-20T21:00:00", "dateReserved": "2010-10-07T00:00:00", "dateUpdated": "2024-08-07T03:26:11.100Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "6C9E1949-86E4-4011-9376-51C9E7E683E5", "versionEndIncluding": "5.0.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "410E58BC-72AF-4695-8022-A08913077BC6", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "5DE630BC-7E63-40DF-BB8B-327513F5DBAF", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "D2442D35-7484-43D8-9077-3FDF63104816", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "DC90AA12-DD17-4607-90CB-E342E83F20BB", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "3F3E721C-00CA-4D51-B542-F2BC5C0D65BF", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "B3267A41-1AE0-48B8-BD1F-DEC8A212851A", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "855288F1-0242-4951-AB3F-B7AF13E21CF6", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "10082781-B93E-4B84-94F2-FA9749B4D92B", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "AE1EBF04-C440-4A6B-93F2-DC3A812728C2", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "DFB077A2-927B-43AF-BFD5-0E78648C9394", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "2398ADC8-A106-462E-B9AE-F8AF800D0A3C", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "1335E35A-D381-4056-9E78-37BC6DF8AD98", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C69DEE9-3FA5-408E-AD27-F5E7043F852A", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "D25D1FD3-C291-492C-83A7-0AFAFAADC98D", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B565F77-C310-4B83-B098-22F9489C226C", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "546EBFC8-79F0-42C2-9B9A-A76CA3F19470", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "119C8089-8C98-472E-9E9C-1741AA21DD35", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "831C5105-6409-4743-8FB5-A91D8956202F", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "20E8648C-5469-4280-A581-D4A9A41B7213", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "C7817232-BE3E-4655-8282-A979E5D40D3D", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "77E8D614-E1EE-42F1-9E55-EA54FB500621", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "C73BED9E-29FB-4965-B38F-013FFE5A9170", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "D3B7DEC3-1C0B-4D13-98CD-CB7FAE7933B0", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "7723A9E8-1DE2-4C7D-81E6-4F79DCB09324", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "C147E866-B80F-4FFA-BBE8-19E84A46DB1C", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "8EC681A4-6F58-4C7D-B4E0-FCC1BCBC534E", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "ADF94705-562C-4EC8-993E-1AD88F01549C", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "82B4CD59-9F37-4EF0-BA43-427CFD6E1329", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "26E34E35-CCE9-42BE-9AFF-561D8AA90E25", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "A04FF6EE-D4DA-4D70-B0CE-154292828531", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "9425320F-D119-49EB-9265-3159070DFE93", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "F6BE138D-619B-4E44-BFB2-8DFE5F0D1E12", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "EF0D1051-F850-4A02-ABA0-968E1336A518", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "A1C9705A-74D4-43BA-A119-C667678F9A15", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "2011BBA0-5CE6-4215-8F6E-4BCCBCD24153", "versionEndIncluding": "4.1.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A419AE8-F5A2-4E25-9004-AAAB325E201A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:1.0:beta:*:*:*:*:*:*", "matchCriteriaId": "64FE1AA1-32D1-4825-8B2B-E66093937D9F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:1.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "E760CD65-A10E-44F1-B835-DA6B77057C93", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "30663B7F-3EDA-4B6B-9F39-65E2CEEB4543", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:1.0.0b1:*:*:*:*:*:*:*", "matchCriteriaId": "91A09DA0-83E9-491D-A0A5-AF97B5463D62", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:1.0.0b2:*:*:*:*:*:*:*", "matchCriteriaId": "D91C7EF0-A56B-40E6-9CED-1228405D034E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "CE6078B0-4756-4E04-BAC4-C4EC90548A9D", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6B5A3F2-70EE-4ECD-AD6A-0A72D9EBC755", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "C87EDB53-FB6E-4B10-B890-A7195D841C5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:1.0.3:85.8:*:*:*:*:*:*", "matchCriteriaId": "957FCFC4-565A-4F2F-8D3D-D0982E1723F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:1.0.3:85.8.1:*:*:*:*:*:*", "matchCriteriaId": "22A450DC-CDF5-4EA0-A703-AFB3DEFE1395", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "857C92E2-6870-409A-9457-75F8C5C7B959", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FD75A4F-F529-4F5E-957D-380215F7B21B", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "834EC299-2010-4306-8CEE-35D735583101", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "443FF271-A3AB-4659-80B2-89F771BF5371", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "0D29B98E-2F62-4F6F-976D-FEC4EB07F106", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3112AFEB-7893-467C-8B45-A44D5697BB79", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "1FC83309-3A97-4619-B5C1-574610838BC6", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "891514D5-50C8-4EDC-81C5-24ABF8BCC022", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "25032A3A-9D05-4E69-9A22-C9B332976769", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "AF75A31C-FE42-4CB4-A0E6-0CAB7B122483", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "4EDD80AB-2A6C-47FF-A1E9-DEB273C6B4E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2EAC0DC3-7B55-49BC-89BC-C588E6FC6828", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D9315ADD-5B97-4639-9B59-806EFD7BC247", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "E7DD81AB-27D6-4CB0-BBF0-5710DAD55A3D", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:1.3.2:312.5:*:*:*:*:*:*", "matchCriteriaId": "21BAC0B8-063C-4772-8F1B-EB9A2F7A585C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:1.3.2:312.6:*:*:*:*:*:*", "matchCriteriaId": "6BAB4071-A883-4E04-BDDF-A121C4738E61", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:2:*:*:*:*:*:*:*", "matchCriteriaId": "7E44913D-BC8B-4AA1-84EB-EFEAC531B475", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "9D3889ED-9329-4C84-A173-2553BEAE3EDA", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B74019F-C365-4E13-BBB4-D84AD9C1F87C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "1E0E57D5-A7C9-4985-8CE4-E0D4B8BBF371", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "06494FA8-F12A-435A-97A4-F38C58DF43F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D1BB047B-D45E-4695-AAEB-D0830DB1663E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:2.0.3:417.8:*:*:*:*:*:*", "matchCriteriaId": "018A7A39-2AFD-47A9-AE88-7ABDBFE5EDA1", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9:*:*:*:*:*:*", "matchCriteriaId": "1082B33F-33B5-453A-A5AA-10F65AB2E625", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9.2:*:*:*:*:*:*", "matchCriteriaId": "6CF4DB54-AA7E-44C3-83E3-1A8971719D5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9.3:*:*:*:*:*:*", "matchCriteriaId": "EC348464-F08D-4ABF-BB90-3FA93C786F34", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "DFDCF83E-620C-40FA-9901-5D939E315143", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3:*:*:*:*:*:*:*", "matchCriteriaId": "E3BAE980-449F-4F8C-A5BC-6CB7226E971A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "4A33F900-D405-40A8-A0A5-3C80320FF6E9", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "4444A309-5A97-4E1C-B4EA-C4A070A98CBC", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.0.0b:*:*:*:*:*:*:*", "matchCriteriaId": "5B29951B-9A98-45B7-8E4B-5515C048EC52", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "8CEB23DE-1A9D-480E-8B8B-9F110A8ABDE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.0.1b:*:*:*:*:*:*:*", "matchCriteriaId": "D0FDEB4F-133A-43DF-A89B-53E249F1293D", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "84E78F43-07BD-4D62-9512-DA738A92BC7B", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.0.2b:*:*:*:*:*:*:*", "matchCriteriaId": "4AE25E9E-826E-4782-AED8-AC6297B18D93", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "F3180366-2240-467E-8AB9-BEA0430948F1", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.0.3b:*:*:*:*:*:*:*", "matchCriteriaId": "B5E834B8-545E-4472-9D60-B4CF1340D62C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5AB9CC52-E533-4306-9E92-73C84B264D4E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.0.4b:*:*:*:*:*:*:*", "matchCriteriaId": "14A5CA99-8B1C-4C35-85E3-DB0495444A5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "01D8C2EF-D552-4279-A12E-70E292F39E31", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.1.0b:*:*:*:*:*:*:*", "matchCriteriaId": "C00082E3-EBF5-4C23-9F57-BF73E587FC05", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C453B588-15FD-4A9C-8BC1-6202A21DAE02", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "460A6F14-7CCE-47CA-BE0C-6DF32CD6A8A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "15BB6761-3581-4AE6-85E0-1609D15D7618", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "EFA1A4C8-9F87-449F-A11F-52E5D52247E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:3.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "BE8498D2-DECC-4B88-BC1B-F8E2D076EE38", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "79DC6C51-CEEA-4CBF-87D2-8007B7C3D67F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C7B6AD89-D60C-4C8F-A9E6-4380A6B8DB13", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "0760FDDB-38D3-4263-9B4D-1AF5E613A4F9", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "6B8B16DB-4D1F-41B7-A7A2-2A443596E1AE", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "AFD4DE58-46C7-4E69-BF36-C5FD768B8248", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "CF824694-52DE-44E3-ACAD-60B2A84CD3CE", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "B73A0891-A37A-4E0D-AA73-B18BFD6B1447", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "26AC38AB-D689-4B2B-9DAE-F03F4DFD15BE", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "0C580935-0091-4163-B747-750FB7686973", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "BB0F2132-8431-4CEF-9A3D-A69425E3834E", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8719F3C4-F1DE-49B5-9301-22414A2B6F9C", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "09ED46A8-1739-411C-8807-2A416BDB6DFE", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "786BB737-EA99-4EC6-B742-0C35BF2453F9", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "8D089858-3AF9-4B82-912D-AA33F25E3715", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "6EE39585-CF3B-4493-96D8-B394544C7643", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "D24D5FA5-95DD-4ECC-B99A-8CB33156A6D0", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F60BF582-F700-4E26-A4AF-5BF657803525", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "29644501-54BD-45E9-A6C1-618892CD354F", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "8A132487-E89F-4D0D-8366-14AFC904811F", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "FD231103-D7C7-4697-BE90-D67558D6115C", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "BCADAAA0-C885-466C-A122-A94E73EAF817", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "448DB1C7-7B0C-4076-9B9F-1CDCD5EB6930", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "2BE429EF-24D4-453A-8B43-8CCEF5D72773", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8AC9692A-CE81-446D-B136-449662C4B9A2", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "504D78AB-5374-48C9-B357-DB6BD2267D2D", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "3029892E-1375-4F40-83D3-A51BDC4E9840", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "81F8DA6D-2258-4138-8FB2-90BE3C68B230", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "D09D5933-A7D9-4A61-B863-CD8E7D5E67D8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The WebCore::HTMLLinkElement::process function in WebCore/html/HTMLLinkElement.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products does not verify whether DNS prefetching is enabled when processing an HTML LINK element, which allows remote attackers to bypass intended access restrictions, as demonstrated by an HTML e-mail message that uses a LINK element for X-Confirm-Reading-To functionality."}, {"lang": "es", "value": "WebKit en Apple Safari anterior a v5.0.3 en Mac OS X v10.5 hasta v10.6 y Windows, y anterior a v4.1.3 en Mac OS X v10.4,permite a atacantes remotos evitar el ajuste de obtenci\u00f3n previa de DNS a trav\u00e9s de un mensaje de correo electr\u00f3nico en formato HTML que usa un elemento LINK para la funcionalidad X-Confirm-Reading-To"}], "id": "CVE-2010-3813", "lastModified": "2017-09-19T01:31:35.223", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2010-11-22T13:00:18.693", "references": [{"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html"}, {"source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"}, {"source": "product-security@apple.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052906.html"}, {"source": "product-security@apple.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"}, {"source": "product-security@apple.com", "url": "http://secunia.com/advisories/42314"}, {"source": "product-security@apple.com", "url": "http://secunia.com/advisories/43068"}, {"source": "product-security@apple.com", "url": "http://secunia.com/advisories/43086"}, {"source": "product-security@apple.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://support.apple.com/kb/HT4455"}, {"source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT4456"}, {"source": "product-security@apple.com", "url": "http://trac.webkit.org/changeset/63622"}, {"source": "product-security@apple.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"}, {"source": "product-security@apple.com", "url": "http://www.redhat.com/support/errata/RHSA-2011-0177.html"}, {"source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2010/3046"}, {"source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0212"}, {"source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0216"}, {"source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0552"}, {"source": "product-security@apple.com", "url": "https://bugs.webkit.org/show_bug.cgi?id=42500"}, {"source": "product-security@apple.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=667024"}, {"source": "product-security@apple.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12293"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2011:0177", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "webkitgtk-0:1.2.6-2.el6_0", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2011-01-25T00:00:00Z"}], "bugzilla": {"description": "webkit: HTMLLinkElement ignores dnsPrefetchingEnabled setting", "id": "667024", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=667024"}, "csaw": false, "cvss": {"cvss_base_score": "3.7", "cvss_scoring_vector": "AV:L/AC:H/Au:N/C:P/I:P/A:P", "status": "verified"}, "details": ["The WebCore::HTMLLinkElement::process function in WebCore/html/HTMLLinkElement.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products does not verify whether DNS prefetching is enabled when processing an HTML LINK element, which allows remote attackers to bypass intended access restrictions, as demonstrated by an HTML e-mail message that uses a LINK element for X-Confirm-Reading-To functionality."], "name": "CVE-2010-3813", "public_date": "2010-11-18T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2010-3813\nhttps://nvd.nist.gov/vuln/detail/CVE-2010-3813"], "threat_severity": "Moderate"}