CVE-2009-2797
EPSS 2.0%
描述
The WebKit component in Safari in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not remove usernames and passwords from URLs sent in Referer headers, which allows remote attackers to obtain sensitive information by reading Referer logs on a web server.
如何修補 CVE-2009-2797
要修補 CVE-2009-2797,請將受影響套件升級到下列已修補版本。
- Debian/qt4-x11—升級至 4:4.6.2-4 或更新版本
CVE-2009-2797 正在被利用嗎?
低 — EPSS 為 2.0%,目前沒有觀察到大規模利用活動。
受影響套件(1)
- from 0, < 4:4.6.2-4