CVE-2010-3829

Medium CVSS 5.8

Overview

WebKit in Apple iOS before 4.2 allows remote attackers to bypass the remote image loading setting in Mail via an HTML LINK element with a DNS prefetching property, as demonstrated by an HTML e-mail message that uses a LINK element for X-Confirm-Reading-To functionality, a related issue to CVE-2010-3813.

CWE: CWE-264 Published: 2010-11-26T20:00:03.063

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 5.8 (MEDIUM)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags