Lucene search

[email protected]NVD:CVE-2008-3644

HistoryNov 17, 2008 - 6:18 p.m.

CVE-2008-3644

2008-11-1718:18:47

CWE-200

[email protected]

web.nvd.nist.gov

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

AI Score

5.2

Confidence

Low

EPSS

Percentile

5.1%

JSON

Apple Safari before 3.2 does not properly prevent caching of form data for form fields that have autocomplete disabled, which allows local users to obtain sensitive information by reading the browser’s page cache.

Affected configurations

NVD

Node

applesafariwindows

applesafariRange≤3.1.2

applesafariMatch0.8

applesafariMatch0.9

applesafariMatch1.0

applesafariMatch1.0beta

applesafariMatch1.0beta2

applesafariMatch1.0.3

applesafariMatch1.1

applesafariMatch1.1.1

applesafariMatch1.2

applesafariMatch1.2.1

applesafariMatch1.2.2

applesafariMatch1.2.3

applesafariMatch1.2.4

applesafariMatch1.2.5

applesafariMatch1.3

applesafariMatch1.3.1

applesafariMatch1.3.2

applesafariMatch2

applesafariMatch2.0

applesafariMatch2.0.1

applesafariMatch2.0.2

applesafariMatch2.0.3

applesafariMatch2.0.3_417.9.3

applesafariMatch2.0.4

applesafariMatch2.0.4_419.3

applesafariMatch2.0_pre

applesafariMatch3

applesafariMatch3.0

applesafariMatch3.0windows

applesafariMatch3.0.1

applesafariMatch3.0.1windows

applesafariMatch3.0.2

applesafariMatch3.0.2windows

applesafariMatch3.0.3

applesafariMatch3.0.3windows

applesafariMatch3.0.4

applesafariMatch3.0.4_beta

applesafariMatch3.0.4_betawindows

applesafariMatch3.1

applesafariMatch3.1.1

References

lists.apple.com/archives/security-announce//2008/Nov/msg00001.html

lists.apple.com/archives/security-announce/2008/Nov/msg00002.html

secunia.com/advisories/32706

secunia.com/advisories/32756

support.apple.com/kb/HT3298

support.apple.com/kb/HT3318

www.securityfocus.com/bid/32291

www.securitytracker.com/id?1021226

www.vupen.com/english/advisories/2008/3232

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

AI Score

5.2

Confidence

Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2008-3644

cvelist1 cve1 prion1 seebug1 nessus3