Apple Safari before 5.0.6 provides AutoFill information to scripts that execute before HTML form submission, which allows remote attackers to obtain Address Book information via a crafted form, as demonstrated by a form that includes non-visible fields.
No CVSS v3.1
No CVSS v3.0
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact Partial
Integrity Impact None
Availability Impact None
AV:N/AC:M/Au:N/C:P/I:N/A:N
Vendors | Products |
---|---|
Microsoft |
|
Apple |
|
Configuration 1 [-]
AND |
|
References
Link | Resource |
---|---|
http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html | Patch Vendor Advisory |
http://support.apple.com/kb/HT4808 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: apple
Published: 2022-10-03T16:15:20
Updated: 2022-10-03T16:15:20
Reserved: 2022-10-03T00:00:00
Link: CVE-2011-0217
JSON object: View
NVD Information
Status : Analyzed
Published: 2011-07-21T23:55:01.847
Modified: 2011-07-22T04:00:00.000
Link: CVE-2011-0217
JSON object: View
Redhat Information
No data.
CWE