First published: Mon Nov 17 2008(Updated: )
Apple Safari before 3.2 does not properly prevent caching of form data for form fields that have autocomplete disabled, which allows local users to obtain sensitive information by reading the browser's page cache.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Apple Safari | =1.3.2 | |
Apple Safari | =2 | |
Apple Safari | =1.1.1 | |
Apple Safari | =3.0.4 | |
Apple Safari | =1.2.2 | |
Apple Safari | =2.0.1 | |
Apple Safari | =3.0.1 | |
Apple Safari | =2.0.3 | |
Apple Safari | =1.0.3 | |
Apple Safari | =2.0.2 | |
Apple Safari | =3.0.1 | |
Apple Safari | =3.0.2 | |
Apple Safari | =1.0 | |
Apple Safari | =2.0.4_419.3 | |
Apple Safari | =3.1.1 | |
Apple Safari | =1.3 | |
Apple Safari | =3.0.3 | |
Apple Safari | =3.0.2 | |
Apple Safari | =3.1 | |
Apple Safari | =1.2.5 | |
Apple Safari | =3.0.3 | |
Apple Safari | =3.0 | |
Apple Safari | =2.0 | |
Apple Safari | =1.2.4 | |
Apple Safari | =1.2.1 | |
Apple Safari | =1.0-beta | |
Apple Safari | =0.8 | |
Apple Safari | =2.0.4 | |
Apple Safari | =1.0-beta2 | |
Apple Safari | =1.1 | |
Apple Safari | =1.3.1 | |
Apple Safari | =1.2 | |
Apple Safari | ||
Apple Safari | <=3.1.2 | |
Apple Safari | =2.0_pre | |
Apple Safari | =3.0 | |
Apple Safari | =3.0.4_beta | |
Apple Safari | =2.0.3_417.9.3 | |
Apple Safari | =1.2.3 | |
Apple Safari | =3.0.4_beta | |
Apple Safari | =3 | |
Apple Safari | =0.9 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2008-3644 is classified as a moderate severity vulnerability that allows local users to access sensitive information.
The fix for CVE-2008-3644 is to update Apple Safari to version 3.2 or later.
CVE-2008-3644 is a vulnerability related to improper caching of form data in Apple Safari.
Users of Apple Safari versions prior to 3.2 are affected by CVE-2008-3644.
CVE-2008-3644 allows local users to read the browser's page cache and obtain sensitive information.