CVE-2012-0647

Sažetak

WebKit in Apple Safari before 5.1.4 does not properly handle redirects in conjunction with HTTP authentication, which might allow remote web servers to capture credentials by logging the Authorization HTTP header.

Reference

http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html
http://secunia.com/advisories/48377
http://www.securitytracker.com/id?1026785

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

06-01-2018 - 02:29

Objavljeno

12-03-2012 - 21:55