The host is installed with Apple Safari before 6.2 or 7.x before 7.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly restrict the autofilling of passwords in forms. Successful exploitation could allow attackers to obtain sensitive information via (1) an http web site, (2) an https web site with an unacceptable X.509 certificate, or (3) an IFRAME element.