The JavaScript implementation in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, uses a weak algorithm for generating values of random numbers, which makes it easier for remote attackers to track a user by predicting a value, a related issue to CVE-2008-5913 and CVE-2010-3171.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Safari | Apple | * | 5.0.2 (including) |
Safari | Apple | 5.0 (including) | 5.0 (including) |
Safari | Apple | 5.0.1 (including) | 5.0.1 (including) |
Webkit | Apple | * | * |