Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3644

Overview

Vulnerability Score 1.9 1.9
CVE Id CVE-2008-3644
Last Modified 30 Oct 2012 11:01:47
Published 17 Nov 2008 01:18:47
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3644

Summary

Apple Safari before 3.2 does not properly prevent caching of form data for form fields that have autocomplete disabled, which allows local users to obtain sensitive information by reading the browser's page cache.

Vulnerable Systems

Application

  • Apple Safari

  • Apple Safari 0.8

  • Apple Safari 0.9

  • Apple Safari 1.0

  • Apple Safari 1.0.3

  • Apple Safari 1.1

  • Apple Safari 1.1.1

  • Apple Safari 1.2

  • Apple Safari 1.2.1

  • Apple Safari 1.2.2

  • Apple Safari 1.2.3

  • Apple Safari 1.2.4

  • Apple Safari 1.2.5

  • Apple Safari 1.3

  • Apple Safari 1.3.1

  • Apple Safari 1.3.2

  • Apple Safari 2

  • Apple Safari 2.0

  • Apple Safari 2.0 Pre

  • Apple Safari 2.0.1

  • Apple Safari 2.0.2

  • Apple Safari 2.0.3

  • Apple Safari 2.0.3 417.9.3

  • Apple Safari 2.0.4

  • Apple Safari 2.0.4 419.3

  • Apple Safari 3

  • Apple Safari 3.0

  • Apple Safari 3.0.1

  • Apple Safari 3.0.2

  • Apple Safari 3.0.3

  • Apple Safari 3.0.4

  • Apple Safari 3.0.4 Beta

  • Apple Safari 3.1

  • Apple Safari 3.1.1

  • Apple Safari 3.1.2


References

VUPEN - ADV-2008-3232

BID - 32291

CONFIRM - http://support.apple.com/kb/HT3318

CONFIRM - http://support.apple.com/kb/HT3298

SECUNIA - 32756

APPLE - APPLE-SA-2008-11-20

APPLE - APPLE-SA-2008-11-13

SECTRACK - 1021226

SECUNIA - 32706

Related Patches

Apple 2008-11-13 Safari 3.2 for Leopard

Apple 2008-11-13 Safari 3.2 for Tiger


Last Updated: 27 May 2016 11:01:21