Unrated severityNVD Advisory· Published Jun 10, 2009· Updated Apr 23, 2026

CVE-2009-1706

Description

The Private Browsing feature in Apple Safari before 4.0 on Windows does not remove cookies from the alternate cookie store in unspecified circumstances upon (1) disabling of the feature or (2) exit of the application, which makes it easier for remote web servers to track users via a cookie.

Affected products

Apple Inc./Safari12 versions
cpe:2.3:a:apple:safari:3.0.1:-:windows:*:*:*:*:*+ 11 more
- cpe:2.3:a:apple:safari:3.0.1:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.2:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.3:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.4:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.1.1:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.1.2:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.1:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.2.1:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.2.2:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.2:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:*:-:windows:*:*:*:*:*range: <=3.2.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.apple.com/archives/security-announce/2009/jun/msg00002.htmlnvdPatchVendor Advisory
support.apple.com/kb/HT3613nvdPatchVendor Advisory
www.vupen.com/english/advisories/2009/1522nvdPatchVendor Advisory
www.securityfocus.com/bid/35260nvdExploitPatch
secunia.com/advisories/35379nvdVendor Advisory
osvdb.org/54997nvd
www.securityfocus.com/bid/35346nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000