CVE-2010-1386 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2010-1386 Interim 1 5 2023-12-09T01:58:31Z current 2021-05-30T12:51:10Z 2023-12-09T01:58:31Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2010-1386 page/Geolocation.cpp in WebCore in WebKit before r56188 and before 1.2.5 does not properly restrict access to the lastPosition function, which has unspecified impact and remote attack vectors, aka rdar problem 7746357. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/KILI6WO4HD4UVXOVYK2U6VA77TI7DFZT/#KILI6WO4HD4UVXOVYK2U6VA77TI7DFZT E-Mail link for SUSE-SR:2010:015 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/C2VK7FPKD3ZEG555N25GLTFTZJJB237A/#C2VK7FPKD3ZEG555N25GLTFTZJJB237A E-Mail link for SUSE-SR:2011:002 https://www.suse.com/support/security/rating/ SUSE Security Ratings page/Geolocation.cpp in WebCore in WebKit before r56188 and before 1.2.5 does not properly restrict access to the lastPosition function, which has unspecified impact and remote attack vectors, aka rdar problem 7746357. CVE-2010-1386 critical 10 AV:N/AC:L/Au:N/C:C/I:C/A:C