VYPR
Unrated severityNVD Advisory· Published Dec 7, 2011· Updated Jun 16, 2026

CVE-2010-5070

CVE-2010-5070

Description

The JavaScript implementation in Apple Safari 4 does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method, a different vulnerability than CVE-2010-2264. NOTE: this may overlap CVE-2010-5073.

Affected products

13
  • Apple Inc./Safari13 versions
    cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*+ 12 more
    • cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:4.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:4.0:beta:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:4.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:4.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:4.1.3:*:*:*:*:*:*:*
    • (no CPE)range: =4

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.