|Secunia||Apple Safari Stylesheet Redirection Information Disclosure|
|12th Mar, 2010 19:08|
User Since: -
System Score: -
Location: Copenhagen, DK
Cesar Cerrudo has discovered a vulnerability in Apple Safari, which can be exploited by malicious people to disclose potentially sensitive information.
The vulnerability is caused due to the application following redirects for stylesheets and allowing to read the target URL. This can be exploited on sites that use redirects to URLs containing potentially sensitive information e.g. within the query string.
This is related to vulnerability #8 in:
NOTE: This does not affect redirects to URLs using HTTPS.
The vulnerability is confirmed in version 4.0.4 on Windows. Other versions may also be affected.
|RE: Apple Safari Stylesheet Redirection Information Disclosure||
|This reply has been minimised due to a negative Relevancy Score.|
|Websafe||RE: Apple Safari Stylesheet Redirection Information Disclosure|
|12th Mar, 2010 19:11|
User Since: 24th May 2009
System Score: N/A
Last edited on 12th Mar, 2010 19:11
|Apple has released a new version of its internet browser Safari (4.0.5)
Does this new version resolve the vulnerability mentioned in Secunia Advisory SA37931?
Have a nice day,