CVE-2008-3644: Infoleak
First published: Mon Nov 17 2008(Updated: )
Apple Safari before 3.2 does not properly prevent caching of form data for form fields that have autocomplete disabled, which allows local users to obtain sensitive information by reading the browser's page cache.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple Safari | =1.3.2 | |
| Apple Safari | =2 | |
| Apple Safari | =1.1.1 | |
| Apple Safari | =3.0.4 | |
| Apple Safari | =1.2.2 | |
| Apple Safari | =2.0.1 | |
| Apple Safari | =3.0.1 | |
| Apple Safari | =2.0.3 | |
| Apple Safari | =1.0.3 | |
| Apple Safari | =2.0.2 | |
| Apple Safari | =3.0.1 | |
| Apple Safari | =3.0.2 | |
| Apple Safari | =1.0 | |
| Apple Safari | =2.0.4_419.3 | |
| Apple Safari | =3.1.1 | |
| Apple Safari | =1.3 | |
| Apple Safari | =3.0.3 | |
| Apple Safari | =3.0.2 | |
| Apple Safari | =3.1 | |
| Apple Safari | =1.2.5 | |
| Apple Safari | =3.0.3 | |
| Apple Safari | =3.0 | |
| Apple Safari | =2.0 | |
| Apple Safari | =1.2.4 | |
| Apple Safari | =1.2.1 | |
| Apple Safari | =1.0-beta | |
| Apple Safari | =0.8 | |
| Apple Safari | =2.0.4 | |
| Apple Safari | =1.0-beta2 | |
| Apple Safari | =1.1 | |
| Apple Safari | =1.3.1 | |
| Apple Safari | =1.2 | |
| Apple Safari | ||
| Apple Safari | <=3.1.2 | |
| Apple Safari | =2.0_pre | |
| Apple Safari | =3.0 | |
| Apple Safari | =3.0.4_beta | |
| Apple Safari | =2.0.3_417.9.3 | |
| Apple Safari | =1.2.3 | |
| Apple Safari | =3.0.4_beta | |
| Apple Safari | =3 | |
| Apple Safari | =0.9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/bid/32291
- http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html
- http://support.apple.com/kb/HT3298
- http://support.apple.com/kb/HT3318
- http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html
- http://secunia.com/advisories/32756
- http://www.vupen.com/english/advisories/2008/3232
- http://www.securitytracker.com/id?1021226
- http://secunia.com/advisories/32706
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/weakness
- agent/event
- agent/type
- agent/description
- agent/author
- agent/severity
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/apple
- canonical/apple safari
- version/apple safari/1.3.2
- version/apple safari/2
- version/apple safari/1.1.1
- version/apple safari/3.0.4
- version/apple safari/1.2.2
- version/apple safari/2.0.1
- version/apple safari/3.0.1
- version/apple safari/2.0.3
- version/apple safari/1.0.3
- version/apple safari/2.0.2
- version/apple safari/3.0.2
- version/apple safari/1.0
- version/apple safari/2.0.4_419.3
- version/apple safari/3.1.1
- version/apple safari/1.3
- version/apple safari/3.0.3
- version/apple safari/3.1
- version/apple safari/1.2.5
- version/apple safari/3.0
- version/apple safari/2.0
- version/apple safari/1.2.4
- version/apple safari/1.2.1
- version/apple safari/1.0-beta
- version/apple safari/0.8
- version/apple safari/2.0.4
- version/apple safari/1.0-beta2
- version/apple safari/1.1
- version/apple safari/1.3.1
- version/apple safari/1.2
- version/apple safari/3.1.2
- version/apple safari/2.0_pre
- version/apple safari/3.0.4_beta
- version/apple safari/2.0.3_417.9.3
- version/apple safari/1.2.3
- version/apple safari/3
- version/apple safari/0.9