CVE-2013-5227 Information

Description

Apple Safari before 6.1.1 and 7.x before 7.0.1 allows remote attackers to bypass the Same Origin Policy and discover credentials by triggering autofill of subframe form fields.

Reference

http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html http://support.apple.com/kb/HT6162 http://support.apple.com/kb/HT6441 http://www.securityfocus.com/bid/64355