Vulnerability Details CVE-2008-3644
Apple Safari before 3.2 does not properly prevent caching of form data for form fields that have autocomplete disabled, which allows local users to obtain sensitive information by reading the browser's page cache.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 21.1%
CVSS Severity
CVSS v2 Score 1.9
References
- http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html
- http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html
- http://secunia.com/advisories/32706
- http://secunia.com/advisories/32756
- http://support.apple.com/kb/HT3298
- http://support.apple.com/kb/HT3318
- http://www.securityfocus.com/bid/32291
- http://www.securitytracker.com/id?1021226
- http://www.vupen.com/english/advisories/2008/3232
- http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html
- http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html
- http://secunia.com/advisories/32706
- http://secunia.com/advisories/32756
- http://support.apple.com/kb/HT3298
- http://support.apple.com/kb/HT3318
- http://www.securityfocus.com/bid/32291
- http://www.securitytracker.com/id?1021226
- http://www.vupen.com/english/advisories/2008/3232
Products affected by CVE-2008-3644
-
cpe:2.3:a:apple:safari:-
-
cpe:2.3:a:apple:safari:0.8
-
cpe:2.3:a:apple:safari:0.9
-
cpe:2.3:a:apple:safari:1.0
-
cpe:2.3:a:apple:safari:1.0.0
-
cpe:2.3:a:apple:safari:1.0.0b1
-
cpe:2.3:a:apple:safari:1.0.0b2
-
cpe:2.3:a:apple:safari:1.0.1
-
cpe:2.3:a:apple:safari:1.0.2
-
cpe:2.3:a:apple:safari:1.0.3
-
cpe:2.3:a:apple:safari:1.0b1
-
cpe:2.3:a:apple:safari:1.1
-
cpe:2.3:a:apple:safari:1.1.0
-
cpe:2.3:a:apple:safari:1.1.1
-
cpe:2.3:a:apple:safari:1.2
-
cpe:2.3:a:apple:safari:1.2.0
-
cpe:2.3:a:apple:safari:1.2.1
-
cpe:2.3:a:apple:safari:1.2.2
-
cpe:2.3:a:apple:safari:1.2.3
-
cpe:2.3:a:apple:safari:1.2.4
-
cpe:2.3:a:apple:safari:1.2.5
-
cpe:2.3:a:apple:safari:1.3
-
cpe:2.3:a:apple:safari:1.3.0
-
cpe:2.3:a:apple:safari:1.3.1
-
cpe:2.3:a:apple:safari:1.3.2
-
cpe:2.3:a:apple:safari:2
-
cpe:2.3:a:apple:safari:2.0
-
cpe:2.3:a:apple:safari:2.0.0
-
cpe:2.3:a:apple:safari:2.0.1
-
cpe:2.3:a:apple:safari:2.0.2
-
cpe:2.3:a:apple:safari:2.0.3
-
cpe:2.3:a:apple:safari:2.0.3_417.9.3
-
cpe:2.3:a:apple:safari:2.0.4
-
cpe:2.3:a:apple:safari:2.0.4_419.3
-
cpe:2.3:a:apple:safari:2.0_pre
-
cpe:2.3:a:apple:safari:3
-
cpe:2.3:a:apple:safari:3.0
-
cpe:2.3:a:apple:safari:3.0.0
-
cpe:2.3:a:apple:safari:3.0.0b
-
cpe:2.3:a:apple:safari:3.0.1
-
cpe:2.3:a:apple:safari:3.0.1b
-
cpe:2.3:a:apple:safari:3.0.2
-
cpe:2.3:a:apple:safari:3.0.2b
-
cpe:2.3:a:apple:safari:3.0.3
-
cpe:2.3:a:apple:safari:3.0.3b
-
cpe:2.3:a:apple:safari:3.0.4
-
cpe:2.3:a:apple:safari:3.0.4_beta
-
cpe:2.3:a:apple:safari:3.0.4b
-
cpe:2.3:a:apple:safari:3.0.5
-
cpe:2.3:a:apple:safari:3.1
-
cpe:2.3:a:apple:safari:3.1.0
-
cpe:2.3:a:apple:safari:3.1.0b
-
cpe:2.3:a:apple:safari:3.1.1
-
cpe:2.3:a:apple:safari:3.1.1b
-
cpe:2.3:a:apple:safari:3.1.2
-
cpe:2.3:a:apple:safari:3.1.2b
-
cpe:2.3:a:apple:safari:3.2.0b
-
cpe:2.3:a:apple:safari:3.2.1b
-
cpe:2.3:a:apple:safari:3.2.2b