Apple Safari 3.1之前版本多个安全漏洞

BUGTRAQ ID: 28290 CVECAN ID: CVE-2008-1011,CVE-2008-1010,CVE-2008-1009,CVE-2008-1008,CVE-2008-1007,CVE-2008-1006,CVE-2008-1005,CVE-2008-1004,CVE-2008-1003,CVE-2008-1002,CVE-2008-1001,CVE-2008-0050 Safari是苹果家族操作系统默认所捆绑的WEB浏览器。 Safari的3.1版修复了多个安全漏洞，具体如下： CVE-2008-0050 恶意的HTTPS代理服务器可能在502 Bad...

CVE-2008-1005

WebCore, as used in Apple Safari before 3.1, does not properly mask the password field when reverse conversion is used with the Kotoeri input method, which allows physically proximate attackers to read the password...

Design/Logic Flaw

WebCore, as used in Apple Safari before 3.1, does not properly mask the password field when reverse conversion is used with the Kotoeri input method, which allows physically proximate attackers to read the password...

CVE-2008-1005

CVE-2008-1005 affects Apple Safari (WebCore) prior to 3.1. The issue is that the password field is not properly masked during reverse conversion with the Kotoeri input method, allowing physically proximate attackers to read the password. The related connected material confirms Safari 3.1 addresse...