WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, sends an https URL in the Referer header of an http request in certain circumstances involving https to http redirection, which allows remote HTTP servers to obtain potentially sensitive information via standard HTTP logging, a related issue to CVE-2010-0660.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: apple
Published: 2010-06-11T17:28:00
Updated: 2017-09-18T12:57:01
Reserved: 2010-04-15T00:00:00
Link: CVE-2010-1406
JSON object: View
NVD Information
Status : Modified
Published: 2010-06-11T18:00:37.457
Modified: 2017-09-19T01:30:43.330
Link: CVE-2010-1406
JSON object: View
Redhat Information
No data.
CWE