CVE-2009-2196

Unspecified vulnerability in Apple Safari 4 before 4.0.3 allows remote web servers to place an arbitrary web site in the Top Sites view, and possibly conduct phishing attacks, via unknown vectors.

Published: Aug 12, 2009
Updated: Apr 13, 2023
CVE: CVE-2009-2196
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
apple / mac_os_x	10.4.	10.4..x
apple / mac_os_x	10.5.7	10.5.7.x
apple / mac_os_x	10.5.8	10.5.8.x
apple / mac_os_x_server	10.4.11	10.4.11.x
apple / mac_os_x_server	10.5.7	10.5.7.x
apple / mac_os_x_server	10.5.8	10.5.8.x
microsoft / windows_vista	-	-
microsoft / windows_xp	-	-
apple / safari	4.0	4.0.x
apple / safari	4.0.1	4.0.1.x
apple / safari	4.0.2	4.0.2.x

http://lists.apple.com/archives/security-announce/2009/Aug/msg00002.html
http://support.apple.com/kb/HT3733
http://www.securityfocus.com/bid/36022
http://www.securitytracker.com/id?1022718

Vulnerability Database

289,871

CVE-2009-2196