Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveAppleCVE-2012-0647
HistoryMar 12, 2012 - 9:55 p.m.

CVE-2012-0647

2012-03-1221:55:00
CWE-200
apple
web.nvd.nist.gov
33
cve-2012-0647
webkit
apple safari
vulnerability
http
authentication
nvd

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.2

Confidence

Low

EPSS

0.002

Percentile

56.7%

JSON

WebKit in Apple Safari before 5.1.4 does not properly handle redirects in conjunction with HTTP authentication, which might allow remote web servers to capture credentials by logging the Authorization HTTP header.

Affected configurations

Nvd
Node
applesafari
OR
applesafariRange5.1.3
OR
applesafariMatch1.0
OR
applesafariMatch1.0beta
OR
applesafariMatch1.0beta2
OR
applesafariMatch1.0.0
OR
applesafariMatch1.0.0b1
OR
applesafariMatch1.0.0b2
OR
applesafariMatch1.0.1
OR
applesafariMatch1.0.2
OR
applesafariMatch1.0.3
OR
applesafariMatch1.0.385.8
OR
applesafariMatch1.0.385.8.1
OR
applesafariMatch1.0b1-mac
OR
applesafariMatch1.1
OR
applesafariMatch1.1.0
OR
applesafariMatch1.1.1
OR
applesafariMatch1.2
OR
applesafariMatch1.2.0
OR
applesafariMatch1.2.1
OR
applesafariMatch1.2.2
OR
applesafariMatch1.2.3
OR
applesafariMatch1.2.4
OR
applesafariMatch1.2.5
OR
applesafariMatch1.3
OR
applesafariMatch1.3.0
OR
applesafariMatch1.3.1
OR
applesafariMatch1.3.2
OR
applesafariMatch1.3.2312.5
OR
applesafariMatch1.3.2312.6
OR
applesafariMatch2
OR
applesafariMatch2.0
OR
applesafariMatch2.0.0
OR
applesafariMatch2.0.1
OR
applesafariMatch2.0.2
OR
applesafariMatch2.0.3
OR
applesafariMatch2.0.3417.8
OR
applesafariMatch2.0.3417.9
OR
applesafariMatch2.0.3417.9.2
OR
applesafariMatch2.0.3417.9.3
OR
applesafariMatch2.0.4
OR
applesafariMatch2.0.4-mac
OR
applesafariMatch3
OR
applesafariMatch3.0
OR
applesafariMatch3.0.0
OR
applesafariMatch3.0.0-mac
OR
applesafariMatch3.0.0b
OR
applesafariMatch3.0.0b-windows
OR
applesafariMatch3.0.1
OR
applesafariMatch3.0.1-mac
OR
applesafariMatch3.0.1beta
OR
applesafariMatch3.0.1b
OR
applesafariMatch3.0.1b-windows
OR
applesafariMatch3.0.2
OR
applesafariMatch3.0.2-mac
OR
applesafariMatch3.0.2b
OR
applesafariMatch3.0.2b-windows
OR
applesafariMatch3.0.3
OR
applesafariMatch3.0.3-mac
OR
applesafariMatch3.0.3b
OR
applesafariMatch3.0.3b-windows
OR
applesafariMatch3.0.4
OR
applesafariMatch3.0.4-mac
OR
applesafariMatch3.0.4b
OR
applesafariMatch3.0.4b-windows
OR
applesafariMatch3.1.0
OR
applesafariMatch3.1.0-mac
OR
applesafariMatch3.1.0b
OR
applesafariMatch3.1.0b-windows
OR
applesafariMatch3.1.1
OR
applesafariMatch3.1.1b-windows
OR
applesafariMatch3.1.2
OR
applesafariMatch3.1.2b-windows
OR
applesafariMatch3.2.0
OR
applesafariMatch3.2.0b-windows
OR
applesafariMatch3.2.1
OR
applesafariMatch3.2.1b-windows
OR
applesafariMatch3.2.2
OR
applesafariMatch3.2.2b-windows
OR
applesafariMatch4.0
OR
applesafariMatch4.0beta
OR
applesafariMatch4.0.0b
OR
applesafariMatch4.0.1
OR
applesafariMatch4.0.2
OR
applesafariMatch4.0.3
OR
applesafariMatch4.0.4
OR
applesafariMatch4.0.5
OR
applesafariMatch4.1
OR
applesafariMatch4.1.1
OR
applesafariMatch4.1.2
OR
applesafariMatch5.0
OR
applesafariMatch5.0.1
OR
applesafariMatch5.0.2
OR
applesafariMatch5.0.4
OR
applesafariMatch5.0.5
OR
applesafariMatch5.0.6
OR
applesafariMatch5.1
OR
applesafariMatch5.1.1
OR
applesafariMatch5.1.2
VendorProductVersionCPE
applesafari*cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
applesafari1.0cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*
applesafari1.0cpe:2.3:a:apple:safari:1.0:beta:*:*:*:*:*:*
applesafari1.0cpe:2.3:a:apple:safari:1.0:beta2:*:*:*:*:*:*
applesafari1.0.0cpe:2.3:a:apple:safari:1.0.0:*:*:*:*:*:*:*
applesafari1.0.0b1cpe:2.3:a:apple:safari:1.0.0b1:*:*:*:*:*:*:*
applesafari1.0.0b2cpe:2.3:a:apple:safari:1.0.0b2:*:*:*:*:*:*:*
applesafari1.0.1cpe:2.3:a:apple:safari:1.0.1:*:*:*:*:*:*:*
applesafari1.0.2cpe:2.3:a:apple:safari:1.0.2:*:*:*:*:*:*:*
applesafari1.0.3cpe:2.3:a:apple:safari:1.0.3:*:*:*:*:*:*:*
Rows per page:
1-10 of 981

Related

ubuntucve 1
nvd 1
cvelist 1
prion 1
openvas 4
nessus 4
ubuntucve
ubuntucve
CVE-2012-0647
2012-03-12 00:00:00
nvd
nvd
CVE-2012-0647
2012-03-12 21:55:00
cvelist
cvelist
CVE-2012-0647
2012-03-12 21:00:00
prion
prion
Design/Logic Flaw
2012-03-12 21:55:00
openvas
openvas
Apple Safari Webkit Multiple Vulnerabilities - March12 (Mac OS X)
2012-03-13 00:00:00
Apple Safari Webkit Multiple Vulnerabilities (Mar 2012) - Mac OS X
2012-03-13 00:00:00
Apple Safari Webkit Multiple Vulnerabilities (Mar 2012) - Windows
2012-03-13 00:00:00
nessus
nessus
Safari < 5.1.4 Multiple Vulnerabilities
2012-03-12 00:00:00
Mac OS X : Apple Safari < 5.1.4 Multiple Vulnerabilities
2012-03-12 00:00:00
Safari < 5.1.4 Multiple Vulnerabilities
2012-03-13 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.2

Confidence

Low

EPSS

0.002

Percentile

56.7%

JSON
Related for CVE-2012-0647
ubuntucve1nvd1cvelist1prion1openvas4nessus4