Vulnerability Report

CVE-2010-2264

Title: Apple Webkit Information Disclosure

Information Disclosure

Proof Of Concept

No public PoC currently indexed for CVE-2010-2264.

CWE Category CWE-200

Published Date Jun 11, 2010

Modified Date Jun 16, 2026

Exploit Status Not Found

Score 4.3 CVSS v2.0

Exploit Probability (EPSS)

2.60%

Vulnerability Summary

CVE-2010-2264: The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document.

Impacted Vendors

apple 2

webkit 1

Reference Links

http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/40105 http://secunia.com/advisories/41856 http://secunia.com/advisories/43068 http://securitytracker.com/id?1024067 http://support.apple.com/kb/HT4196 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.securityfocus.com/bid/40620 http://www.securityfocus.com/bid/40756 http://www.ubuntu.com/usn/USN-1006-1 http://www.vupen.com/english/advisories/2010/1373 http://www.vupen.com/english/advisories/2010/2722 http://www.vupen.com/english/advisories/2011/0212 http://www.vupen.com/english/advisories/2011/0552 http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/40105 http://secunia.com/advisories/41856 http://secunia.com/advisories/43068 http://securitytracker.com/id?1024067 http://support.apple.com/kb/HT4196 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.securityfocus.com/bid/40620 http://www.securityfocus.com/bid/40756 http://www.ubuntu.com/usn/USN-1006-1 http://www.vupen.com/english/advisories/2010/1373 http://www.vupen.com/english/advisories/2010/2722 http://www.vupen.com/english/advisories/2011/0212 http://www.vupen.com/english/advisories/2011/0552

CVSS v2.0

Source Entity [email protected]

Severity MEDIUM

4.3

Access Vector

N/A

Authentication

N/A

RAW VECTOR AV:N/AC:M/Au:N/C:P/I:N/A:N

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2010-2264 Exploits & PoCs (Proof Of Concept)

No public PoCs found in our database for this CVE.

June 16, 2026 MODIFIED

Vulnerability data updated via NVD.

April 29, 2026 MODIFIED

Vulnerability data updated via NVD.

April 11, 2025 MODIFIED

Vulnerability data or affected products updated.

June 11, 2010 PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A

Complexity N/A

Privileges N/A

Interaction NONE

CVSS Vector String


                                    AV:N/AC:M/Au:N/C:P/I:N/A:N

Affected Stack

No specific products linked.