CVE-2008-3644 Information

Description

Apple Safari before 3.2 does not properly prevent caching of form data for form fields that have autocomplete disabled which allows local users to obtain sensitive information by reading the browser’s page cache.

Reference

http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html http://secunia.com/advisories/32706 http://secunia.com/advisories/32756 http://support.apple.com/kb/HT3298 http://support.apple.com/kb/HT3318 http://www.securityfocus.com/bid/32291 http://www.securitytracker.com/id?1021226 http://www.vupen.com/english/advisories/2008/3232