The host is installed with Apple Safari before 5.1.4 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to properly handle redirects in conjunction with HTTP authentication. Successful exploitation allows remote web servers to capture credentials by logging the Authorization HTTP header.