CVE-2008-3644

Apple Safari before 3.2 does not properly prevent caching of form data for form fields that have autocomplete disabled, which allows local users to obtain sensitive information by reading the browser's page cache.

Published: Nov 17, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-3644
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 1.9
AV:L/AC:M/Au:N/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
apple / safari	1.3.2	1.3.2.x
apple / safari	2	2.x
apple / safari	1.1.1	1.1.1.x
apple / safari	3.0.4	3.0.4.x
apple / safari	1.2.2	1.2.2.x
apple / safari	2.0.1	2.0.1.x
apple / safari	3.0.1	3.0.1.x
apple / safari	2.0.3	2.0.3.x
apple / safari	1.0.3	1.0.3.x
apple / safari	2.0.2	2.0.2.x
apple / safari	3.0.2	3.0.2.x
apple / safari	1.0	1.0.x
apple / safari	2.0.4_419.3	2.0.4_419.3.x
apple / safari	3.1.1	3.1.1.x
apple / safari	1.3	1.3.x
apple / safari	3.0.3	3.0.3.x
apple / safari	3.1	3.1.x
apple / safari	1.2.5	1.2.5.x
apple / safari	3.0	3.0.x
apple / safari	2.0	2.0.x
apple / safari	1.2.4	1.2.4.x
apple / safari	1.2.1	1.2.1.x
apple / safari	1.0-beta	1.0-beta.x
apple / safari	0.8	0.8.x
apple / safari	2.0.4	2.0.4.x
apple / safari	1.0-beta2	1.0-beta2.x
apple / safari	1.1	1.1.x
apple / safari	1.3.1	1.3.1.x
apple / safari	1.2	1.2.x
apple / safari	-	-
apple / safari	-	3.1.2.x
apple / safari	2.0_pre	2.0_pre.x
apple / safari	3.0.4_beta	3.0.4_beta.x
apple / safari	2.0.3_417.9.3	2.0.3_417.9.3.x
apple / safari	1.2.3	1.2.3.x
apple / safari	3	3.x
apple / safari	0.9	0.9.x

Vulnerability Database

290,206

CVE-2008-3644