CVE-2010-1383

CFNetwork in Apple Safari before 5.0.6 on Windows allows remote web servers to execute arbitrary code by replaying the NTLM credentials of a client user, related to a credential reflection issue.

Affected Software

Name	Vendor	Start Version	End Version
Cfnetwork	Apple	*	*
Safari	Apple	*	5.0.5 (including)
Safari	Apple	1.0 (including)	1.0 (including)
Safari	Apple	1.0-beta (including)	1.0-beta (including)
Safari	Apple	1.0-beta2 (including)	1.0-beta2 (including)
Safari	Apple	1.0.0 (including)	1.0.0 (including)
Safari	Apple	1.0.0b1 (including)	1.0.0b1 (including)
Safari	Apple	1.0.0b2 (including)	1.0.0b2 (including)
Safari	Apple	1.0.1 (including)	1.0.1 (including)
Safari	Apple	1.0.2 (including)	1.0.2 (including)
Safari	Apple	1.0.3 (including)	1.0.3 (including)
Safari	Apple	1.0.3-85.8 (including)	1.0.3-85.8 (including)
Safari	Apple	1.0.3-85.8.1 (including)	1.0.3-85.8.1 (including)
Safari	Apple	1.1 (including)	1.1 (including)
Safari	Apple	1.1.0 (including)	1.1.0 (including)
Safari	Apple	1.1.1 (including)	1.1.1 (including)
Safari	Apple	1.2 (including)	1.2 (including)
Safari	Apple	1.2.0 (including)	1.2.0 (including)
Safari	Apple	1.2.1 (including)	1.2.1 (including)
Safari	Apple	1.2.2 (including)	1.2.2 (including)
Safari	Apple	1.2.3 (including)	1.2.3 (including)
Safari	Apple	1.2.4 (including)	1.2.4 (including)
Safari	Apple	1.2.5 (including)	1.2.5 (including)
Safari	Apple	1.3 (including)	1.3 (including)
Safari	Apple	1.3.0 (including)	1.3.0 (including)
Safari	Apple	1.3.1 (including)	1.3.1 (including)
Safari	Apple	1.3.2 (including)	1.3.2 (including)
Safari	Apple	1.3.2-312.5 (including)	1.3.2-312.5 (including)
Safari	Apple	1.3.2-312.6 (including)	1.3.2-312.6 (including)
Safari	Apple	2 (including)	2 (including)
Safari	Apple	2.0 (including)	2.0 (including)
Safari	Apple	2.0.0 (including)	2.0.0 (including)
Safari	Apple	2.0.1 (including)	2.0.1 (including)
Safari	Apple	2.0.2 (including)	2.0.2 (including)
Safari	Apple	2.0.3 (including)	2.0.3 (including)
Safari	Apple	2.0.3-417.8 (including)	2.0.3-417.8 (including)
Safari	Apple	2.0.3-417.9 (including)	2.0.3-417.9 (including)
Safari	Apple	2.0.3-417.9.2 (including)	2.0.3-417.9.2 (including)
Safari	Apple	2.0.3-417.9.3 (including)	2.0.3-417.9.3 (including)
Safari	Apple	2.0.4 (including)	2.0.4 (including)
Safari	Apple	3 (including)	3 (including)
Safari	Apple	3.0 (including)	3.0 (including)
Safari	Apple	3.0.0 (including)	3.0.0 (including)
Safari	Apple	3.0.0b (including)	3.0.0b (including)
Safari	Apple	3.0.1 (including)	3.0.1 (including)
Safari	Apple	3.0.1b (including)	3.0.1b (including)
Safari	Apple	3.0.2 (including)	3.0.2 (including)
Safari	Apple	3.0.2b (including)	3.0.2b (including)
Safari	Apple	3.0.3 (including)	3.0.3 (including)
Safari	Apple	3.0.3b (including)	3.0.3b (including)
Safari	Apple	3.0.4 (including)	3.0.4 (including)
Safari	Apple	3.0.4b (including)	3.0.4b (including)
Safari	Apple	3.1.0 (including)	3.1.0 (including)
Safari	Apple	3.1.0b (including)	3.1.0b (including)
Safari	Apple	3.1.1 (including)	3.1.1 (including)
Safari	Apple	3.1.2 (including)	3.1.2 (including)
Safari	Apple	3.2.0 (including)	3.2.0 (including)
Safari	Apple	3.2.1 (including)	3.2.1 (including)
Safari	Apple	3.2.2 (including)	3.2.2 (including)
Safari	Apple	4.1 (including)	4.1 (including)
Safari	Apple	4.1.1 (including)	4.1.1 (including)
Safari	Apple	4.1.2 (including)	4.1.2 (including)
Safari	Apple	5.0 (including)	5.0 (including)
Safari	Apple	5.0.1 (including)	5.0.1 (including)
Safari	Apple	5.0.2 (including)	5.0.2 (including)
Safari	Apple	5.0.3 (including)	5.0.3 (including)
Safari	Apple	5.0.4 (including)	5.0.4 (including)

NVD	https://nvd.nist.gov/vuln/detail/CVE-2010-1383
CWE	https://cwe.mitre.org/data/definitions/255.html

Affected Software

References