CVE-2008-3644

medium

Description

Apple Safari before 3.2 does not properly prevent caching of form data for form fields that have autocomplete disabled, which allows local users to obtain sensitive information by reading the browser's page cache.

References

http://www.vupen.com/english/advisories/2008/3232

http://www.securitytracker.com/id?1021226

http://www.securityfocus.com/bid/32291

http://support.apple.com/kb/HT3318

http://support.apple.com/kb/HT3298

http://secunia.com/advisories/32756

http://secunia.com/advisories/32706

http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html

http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html

Details

Source: Mitre, NVD

Published: 2008-11-17

Updated: 2025-04-09

Risk Information

CVSS v2

Base Score: 1.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Severity: Medium

EPSS

EPSS: 0.00066

Detections

Analytics