CVE-2008-1005: Infoleak
First published: Wed Mar 19 2008(Updated: )
WebCore, as used in Apple Safari before 3.1, does not properly mask the password field when reverse conversion is used with the Kotoeri input method, which allows physically proximate attackers to read the password.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple Safari | =1.3.2 | |
| Apple Safari | =3.0.4 | |
| Apple Safari | =2.0.2 | |
| Apple Safari | =3.0.1 | |
| Apple Safari | =3.0.2 | |
| Apple Safari | =1.0 | |
| Apple Safari | =1.3 | |
| Apple Safari | =3.0.3 | |
| Apple Safari | =2.0 | |
| Apple Safari | =0.8 | |
| Apple Safari | =2.0.4 | |
| Apple Safari | =1.1 | |
| Apple Safari | =1.3.1 | |
| Apple Safari | =1.2 | |
| Apple Safari | =3.0 | |
| Apple Safari | =0.9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.apple.com/archives/security-announce/2008/Mar/msg00000.html
- http://docs.info.apple.com/article.html?artnum=307563
- http://www.securitytracker.com/id?1019656
- http://www.securityfocus.com/bid/28326
- http://www.us-cert.gov/cas/techalerts/TA08-079A.html
- http://www.securityfocus.com/bid/28290
- http://secunia.com/advisories/29393
- http://www.vupen.com/english/advisories/2008/0920/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41329
- collector/nvd-historical
- collector/nvd-index
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/type
- agent/description
- agent/event
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/apple
- canonical/apple safari
- version/apple safari/1.3.2
- version/apple safari/3.0.4
- version/apple safari/2.0.2
- version/apple safari/3.0.1
- version/apple safari/3.0.2
- version/apple safari/1.0
- version/apple safari/1.3
- version/apple safari/3.0.3
- version/apple safari/2.0
- version/apple safari/0.8
- version/apple safari/2.0.4
- version/apple safari/1.1
- version/apple safari/1.3.1
- version/apple safari/1.2
- version/apple safari/3.0
- version/apple safari/0.9