Information disclosure vulnerability in Apple Safari while visiting a HTTPS site which redirects to an HTTP site (Apple Mac OS X)| ID: oval:org.secpod.oval:def:4271 | Date: (C)2012-02-24 (M)2023-11-18 |
| Class: VULNERABILITY | Family: macos |
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to an information disclosure vulnerability. A flaw is present in the application, which passes the Referer header when an HTTPS site redirects to an HTTP site. Successful exploitation could allow attackers to obtain sensitive information contained in the URL of the HTTPS site.
| Platform: |
| Apple Mac OS X 10.8 |
| Apple Mac OS X 10.9 |
| Apple Mac OS X 10.10 |
| Apple Mac OS X Server 10.8 |
| Apple Mac OS X Server 10.9 |
| Apple Mac OS X Server 10.10 |
