Remote Code Execution Vulnerability in Apple Safari on Windows
CVE-2010-1383

Currently unrated

Key Information:

Vendor: Apple
Status: Cfnetwork; Safari
Vendor: CVE Published:; 21 July 2011

Summary

A vulnerability in Apple Safari prior to version 5.0.6 on Windows enables remote web servers to execute arbitrary code by exploiting NTLM credential replay issues. This 'credential reflection' problem allows attackers to manipulate the way credentials are handled, potentially leading to unauthorized access and control over systems running the affected browser version.

References

http://support.apple.com/kb/HT4808

x_refsource_CONFIRM

http://lists.apple.com/archives/security-announce/2011//J...

vendor-advisoryx_refsource_APPLE

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jul 21, 2011