CVE-2008-1005: Infoleak

First published: Wed Mar 19 2008(Updated: )

WebCore, as used in Apple Safari before 3.1, does not properly mask the password field when reverse conversion is used with the Kotoeri input method, which allows physically proximate attackers to read the password.

Credit: cve@mitre.org

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/nvd-historical
• collector/nvd-index
• agent/softwarecombine
• agent/type
• collector/mitre-cve
• source/MITRE
• agent/severity
• agent/author
• agent/references
• agent/weakness
• agent/last-modified-date
• agent/description
• agent/first-publish-date
• agent/tags
• agent/event
• agent/source
• vendor/apple
• canonical/apple safari
• version/apple safari/1.3.2
• version/apple safari/3.0.4
• version/apple safari/2.0.2
• version/apple safari/3.0.1
• version/apple safari/3.0.2
• version/apple safari/1.0
• version/apple safari/1.3
• version/apple safari/3.0.3
• version/apple safari/2.0
• version/apple safari/0.8
• version/apple safari/2.0.4
• version/apple safari/1.1
• version/apple safari/1.3.1
• version/apple safari/1.2
• version/apple safari/3.0
• version/apple safari/0.9