Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 19/03/2008 Updated: 08/08/2017

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

WebCore, as used in Apple Safari prior to 3.1, does not properly mask the password field when reverse conversion is used with the Kotoeri input method, which allows physically proximate malicious users to read the password.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple safari 0.9
apple safari 1.0
apple safari 2.0.4
apple safari 3.0
apple safari 1.1
apple safari 1.2
apple safari 1.3
apple safari 3.0.1
apple safari 3.0.2
apple safari 0.8
apple safari 2.0
apple safari 2.0.2
apple safari 1.3.1
apple safari 1.3.2
apple safari 3.0.3
apple safari 3.0.4

CWE-200 http://lists.apple.com/archives/security-announce/2008/Mar/msg00000.html http://docs.info.apple.com/article.html?artnum=307563 http://www.securitytracker.com/id?1019656 http://www.securityfocus.com/bid/28326 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.securityfocus.com/bid/28290 http://secunia.com/advisories/29393 http://www.vupen.com/english/advisories/2008/0920/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41329 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-1005

Vulnerability Summary

References

Vulmon Search

About

Products

Connect