CVE-2009-1696

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 uses predictable random numbers in JavaScript applications, which makes it easier for remote web servers to track the behavior of a Safari user during a session.

Affected Software

Name	Vendor	Start Version	End Version
Safari	Apple	*	4.0_beta (including)
Safari	Apple	0.8 (including)	0.8 (including)
Safari	Apple	0.9 (including)	0.9 (including)
Safari	Apple	1.0 (including)	1.0 (including)
Safari	Apple	1.0.3 (including)	1.0.3 (including)
Safari	Apple	1.1 (including)	1.1 (including)
Safari	Apple	1.2 (including)	1.2 (including)
Safari	Apple	1.3 (including)	1.3 (including)
Safari	Apple	1.3.1 (including)	1.3.1 (including)
Safari	Apple	1.3.2 (including)	1.3.2 (including)
Safari	Apple	2.0 (including)	2.0 (including)
Safari	Apple	2.0.2 (including)	2.0.2 (including)
Safari	Apple	2.0.4 (including)	2.0.4 (including)
Safari	Apple	3.0 (including)	3.0 (including)
Safari	Apple	3.0.2 (including)	3.0.2 (including)
Safari	Apple	3.0.3 (including)	3.0.3 (including)
Safari	Apple	3.0.4 (including)	3.0.4 (including)
Safari	Apple	3.1 (including)	3.1 (including)
Safari	Apple	3.1.1 (including)	3.1.1 (including)
Safari	Apple	3.1.2 (including)	3.1.2 (including)
Safari	Apple	3.2.1 (including)	3.2.1 (including)
Safari	Apple	3.2.3 (including)	3.2.3 (including)

NVD	https://nvd.nist.gov/vuln/detail/CVE-2009-1696
CWE	https://cwe.mitre.org/data/definitions/310.html

Affected Software

References