VYPR
Unrated severityNVD Advisory· Published May 14, 2010· Updated Jun 16, 2026

CVE-2010-1940

CVE-2010-1940

Description

Apple Safari 4.0.5 on Windows sends the "Authorization: Basic" header appropriate for one web site to a different web site named in a Location header received from the first site, which allows remote web servers to obtain sensitive information by logging HTTP requests. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected products

2
  • Apple Inc./Safari2 versions
    cpe:2.3:a:apple:safari:4.0.5:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:apple:safari:4.0.5:*:*:*:*:*:*:*
    • (no CPE)range: =4.0.5

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.