First published: Fri May 11 2012(Updated: )
WebKit in Apple Safari before 5.1.7 does not properly track state information during the processing of form input, which allows remote attackers to fill in form fields on the pages of arbitrary web sites via unspecified vectors.
Credit: product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple Safari | <=5.1.6 | |
Apple Safari | =1.0 | |
Apple Safari | =1.0-beta | |
Apple Safari | =1.0-beta2 | |
Apple Safari | =1.0.0 | |
Apple Safari | =1.0.0b1 | |
Apple Safari | =1.0.0b2 | |
Apple Safari | =1.0.1 | |
Apple Safari | =1.0.2 | |
Apple Safari | =1.0.3 | |
Apple Safari | =1.0.3-85.8 | |
Apple Safari | =1.0.3-85.8.1 | |
Apple Safari | =1.0b1 | |
Apple Safari | =1.1 | |
Apple Safari | =1.1.0 | |
Apple Safari | =1.1.1 | |
Apple Safari | =1.2 | |
Apple Safari | =1.2.0 | |
Apple Safari | =1.2.1 | |
Apple Safari | =1.2.2 | |
Apple Safari | =1.2.3 | |
Apple Safari | =1.2.4 | |
Apple Safari | =1.2.5 | |
Apple Safari | =1.3 | |
Apple Safari | =1.3.0 | |
Apple Safari | =1.3.1 | |
Apple Safari | =1.3.2 | |
Apple Safari | =1.3.2-312.5 | |
Apple Safari | =1.3.2-312.6 | |
Apple Safari | =2 | |
Apple Safari | =2.0 | |
Apple Safari | =2.0.0 | |
Apple Safari | =2.0.1 | |
Apple Safari | =2.0.2 | |
Apple Safari | =2.0.3 | |
Apple Safari | =2.0.3-417.8 | |
Apple Safari | =2.0.3-417.9 | |
Apple Safari | =2.0.3-417.9.2 | |
Apple Safari | =2.0.3-417.9.3 | |
Apple Safari | =2.0.4 | |
Apple Safari | =2.0.4 | |
Apple Safari | =3 | |
Apple Safari | =3.0 | |
Apple Safari | =3.0.0 | |
Apple Safari | =3.0.0 | |
Apple Safari | =3.0.0b | |
Apple Safari | =3.0.0b | |
Apple Safari | =3.0.1 | |
Apple Safari | =3.0.1 | |
Apple Safari | =3.0.1-beta | |
Apple Safari | =3.0.1b | |
Apple Safari | =3.0.1b | |
Apple Safari | =3.0.2 | |
Apple Safari | =3.0.2 | |
Apple Safari | =3.0.2b | |
Apple Safari | =3.0.2b | |
Apple Safari | =3.0.3 | |
Apple Safari | =3.0.3 | |
Apple Safari | =3.0.3b | |
Apple Safari | =3.0.3b | |
Apple Safari | =3.0.4 | |
Apple Safari | =3.0.4 | |
Apple Safari | =3.0.4b | |
Apple Safari | =3.0.4b | |
Apple Safari | =3.1.0 | |
Apple Safari | =3.1.0 | |
Apple Safari | =3.1.0b | |
Apple Safari | =3.1.0b | |
Apple Safari | =3.1.1 | |
Apple Safari | =3.1.1b | |
Apple Safari | =3.1.2 | |
Apple Safari | =3.1.2b | |
Apple Safari | =3.2.0 | |
Apple Safari | =3.2.0b | |
Apple Safari | =3.2.1 | |
Apple Safari | =3.2.1b | |
Apple Safari | =3.2.2 | |
Apple Safari | =3.2.2b | |
Apple Safari | =4.0 | |
Apple Safari | =4.0-beta | |
Apple Safari | =4.0.0b | |
Apple Safari | =4.0.1 | |
Apple Safari | =4.0.2 | |
Apple Safari | =4.0.3 | |
Apple Safari | =4.0.4 | |
Apple Safari | =4.0.5 | |
Apple Safari | =4.1 | |
Apple Safari | =4.1.1 | |
Apple Safari | =4.1.2 | |
Apple Safari | =5.0 | |
Apple Safari | =5.0.1 | |
Apple Safari | =5.0.2 | |
Apple Safari | =5.0.4 | |
Apple Safari | =5.0.5 | |
Apple Safari | =5.0.6 | |
Apple Safari | =5.1 | |
Apple Safari | =5.1.1 | |
Apple Safari | =5.1.2 | |
Apple Safari | =5.1.3 | |
Apple Safari | =5.1.4 | |
Apple Safari | =5.1.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2012-0676 is rated as moderate severity, allowing remote attackers to exploit vulnerable versions of Safari.
To fix CVE-2012-0676, users should upgrade to Apple Safari version 5.1.7 or later.
CVE-2012-0676 affects all versions of Apple Safari prior to 5.1.7.
CVE-2012-0676 is a state management vulnerability in WebKit that allows form manipulation.
Attackers can leverage CVE-2012-0676 to fill in form fields on arbitrary web pages.