Vulnerability Description
Apple Safari sends Referer headers containing https URLs to different https web sites, which allows remote attackers to obtain potentially sensitive information by reading Referer log data.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Safari | All versions |
Related Weaknesses (CWE)
References
- http://kuza55.blogspot.com/2008/07/some-random-safari-notes.html
- http://www.securityfocus.com/bid/30193
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43837
- http://kuza55.blogspot.com/2008/07/some-random-safari-notes.html
- http://www.securityfocus.com/bid/30193
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43837
FAQ
What is CVE-2008-3171?
CVE-2008-3171 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Apple Safari sends Referer headers containing https URLs to different https web sites, which allows remote attackers to obtain potentially sensitive information by reading Referer log data.
How severe is CVE-2008-3171?
CVE-2008-3171 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-3171?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Safari.