Information disclosure vulnerability in Apple Safari via a malicious website - CVE-2018-4137ID: oval:org.secpod.oval:def:44810 | Date: (C)2018-04-02 (M)2023-11-18 |
Class: VULNERABILITY | Family: macos |
The host is installed with Apple Safari before 11.1 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fails to properly handle a malicious website. Successful exploitation may be able to exfiltrate autofilled data in Safari without explicit user interaction.
Platform: |
Apple Mac OS X 10.9 |
Apple Mac OS X 10.10 |
Apple Mac OS X 10.11 |
Apple Mac OS X 10.12 |
Apple Mac OS X 10.13 |