Unrated severityNVD Advisory· Published Jun 17, 2010· Updated Apr 29, 2026
CVE-2010-0540
CVE-2010-0540
Description
Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, allows remote attackers to hijack the authentication of administrators for requests that change settings.
Affected products
10cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
16- support.apple.com/kb/HT4188nvdPatchVendor Advisory
- www.securityfocus.com/bid/40871nvdPatch
- www.vupen.com/english/advisories/2010/1481nvdPatchVendor Advisory
- lists.apple.com/archives/security-announce/2010//Jun/msg00001.htmlnvdVendor Advisory
- secunia.com/advisories/40220nvdVendor Advisory
- cups.org/articles.phpnvd
- cups.org/str.phpnvd
- secunia.com/advisories/43521nvd
- security.gentoo.org/glsa/glsa-201207-10.xmlnvd
- www.debian.org/security/2011/dsa-2176nvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.securitytracker.com/idnvd
- www.vupen.com/english/advisories/2011/0535nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10382nvd
News mentions
0No linked articles in our index yet.