Apple Safari fails to properly handle form data in HTTP redirects

2004-08-16T00:00:00
ID VU:128414
Type cert
Reporter CERT
Modified 2004-08-16T00:00:00

Description

Overview

There is a vulnerability in the way Safari handles form data that may expose sensitive information when the forward/backward buttons are used.

Description

Apple Safari is a web browser available for the Mac OS X operating system. A vulnerability exists in the way Safari handles web form data. When a web form is submitted to a server using the POST method and the server responds with an HTTP redirect to a URL that is meant to be fetched with GET, Safari may re-send the POSTed form data to that redirect target instead of issuing a plain GET. It has been reported that this condition occurs when the forward/backward buttons are used. No further information was provided on this vulnerability.
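The redirect handling at issue, shown as an added example that is not part of the CERT note: an in-memory model (no network, constructed request/response types and a constructed form field) of the Post/Redirect/Get pattern, contrasting a conformant client, which follows the redirect with a bodiless GET, with a client that carries the form body across the redirect as the note describes, and a redirect target that rejects any request arriving with a body so re-sent form data is never processed or logged.

```python
from dataclasses import dataclass, field
from urllib.parse import urlencode

# Constructed stand-ins for an HTTP request and response (no sockets involved).
@dataclass
class Request:
    method: str
    path: str
    body: bytes = b""

@dataclass
class Response:
    status: int
    headers: dict = field(default_factory=dict)

# Server side of Post/Redirect/Get: after accepting the form, answer 303 See Other,
# which RFC 7231 defines as "retrieve Location with GET", leaving no ambiguity
# about the method or body of the follow-up request.
def handle_submit(req: Request) -> Response:
    assert req.method == "POST"
    return Response(303, {"Location": "/thanks"})

# The redirect target is GET-only. Rejecting any request that carries a body means
# form data a misbehaving client re-sends here is neither read nor logged.
def handle_thanks(req: Request) -> Response:
    if req.method != "GET" or req.body:
        return Response(400)
    return Response(200)

# Conformant client: 307/308 preserve method and body; 303 (and, in browsers,
# 301/302 after a POST) become a bodiless GET to the Location URL.
def next_request(original: Request, resp: Response) -> Request:
    loc = resp.headers["Location"]
    if resp.status in (307, 308):
        return Request(original.method, loc, original.body)
    return Request("GET", loc)

# The behaviour the advisory describes: method and form body carried across the redirect.
def reposting_next_request(original: Request, resp: Response) -> Request:
    return Request(original.method, resp.headers["Location"], original.body)

# Drive one form submission through the redirect with the given client policy.
def submit(follow) -> tuple:
    form = Request("POST", "/submit", urlencode({"secret": "must-not-leak"}).encode())
    redirected = follow(form, handle_submit(form))
    return redirected, handle_thanks(redirected)
```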


Impact

A user's form data could be disclosed to a remote server.


Solution

Apple has released a patch to address this vulnerability. For further details, please see the Apple Security Advisory (Security Updates for Mac OS X 10.3.5).


Systems Affected

Vendor | Status | Date Notified | Date Updated
---|---|---|---
Apple Computer Inc. | | - | 16 Aug 2004

CVSS Metrics

Group | Score | Vector
---|---|---
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | N/A | N/A

References

  • <http://docs.info.apple.com/article.html?artnum=61798>
  • <http://www.securitytracker.com/alerts/2004/Aug/1010904.html>
  • <http://xforce.iss.net/xforce/xfdb/16944>
  • <http://secunia.com/advisories/12249/>

Credit

This vulnerability was reported by Apple. In turn, Apple credits Rick Osterberg of Harvard University for reporting this issue.

This document was written by Damon Morda.

Other Information

  • CVE IDs: CAN-2004-0743
  • Date Public: 10 Aug 2004
  • Date First Published: 16 Aug 2004
  • Date Last Updated: 16 Aug 2004
  • Severity Metric: 1.45
  • Document Revision: 7