CVE-2008-3644

Apple Safari <3.2 - Info Disclosure

Title source: llm
STIX 2.1

Description

Apple Safari before 3.2 does not properly prevent caching of form data for form fields that have autocomplete disabled, which allows local users to obtain sensitive information by reading the browser's page cache.

References (9)

Core 9
Core References
Vendor Advisory vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html
Mailing List vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/3232
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32706
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/32291
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT3318
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1021226
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT3298
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32756

Scores

EPSS 0.0032
EPSS Percentile 24.4%

Details

CWE
CWE-200
Status published
Products (35)
apple/safari
apple/safari 0.8
apple/safari 0.9
apple/safari 1.0 (3 CPE variants)
apple/safari 1.0.3
apple/safari 1.1
apple/safari 1.1.1
apple/safari 1.2
apple/safari 1.2.1
apple/safari 1.2.2
... and 25 more
Published Nov 17, 2008
Tracked Since Feb 18, 2026