CVE-2010-0044 Information

Description

PubSub in Apple Safari before 4.0.5 does not properly implement use of the Accept Cookies preference to block cookies which makes it easier for remote web servers to track users by setting a cookie in a (1) RSS or (2) Atom feed.

Reference

http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html http://osvdb.org/62937 http://support.apple.com/kb/HT4070 http://www.securityfocus.com/bid/38671 http://www.securityfocus.com/bid/38675 https://exchange.xforce.ibmcloud.com/vulnerabilities/56830 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A7051