CVE-2009-1706 Information

Description

The Private Browsing feature in Apple Safari before 4.0 on Windows does not remove cookies from the alternate cookie store in unspecified circumstances upon (1) disabling of the feature or (2) exit of the application which makes it easier for remote web servers to track users via a cookie.

Reference

http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html http://osvdb.org/54997 http://secunia.com/advisories/35379 http://support.apple.com/kb/HT3613 http://www.securityfocus.com/bid/35260 http://www.securityfocus.com/bid/35346 http://www.vupen.com/english/advisories/2009/1522