ID

VAR-200612-0489


CVE

CVE-2006-6238


TITLE

Apple Safari AutoFill feature vulnerability allowing capture of sensitive information

Trust: 0.8

sources: JVNDB: JVNDB-2006-001671

DESCRIPTION

The AutoFill feature in Apple Safari 2.0.4 does not properly verify that all automatically populated form fields are visible to the user, which allows remote attackers to obtain sensitive information, such as usernames and passwords, via input fields of zero width, a variant of CVE-2006-6077.

This issue may allow attackers to obtain user credentials that have been saved in forms originating from the same website where the attack code resides. The most common manifestation of this condition would typically be in blogs or forums. This may allow attackers to gain access to potentially sensitive information that would facilitate the success of phishing attacks. This issue is a variant of CVE-2006-6077.

TITLE: Safari AutoFill Information Disclosure
SECUNIA ADVISORY ID: SA23066
VERIFY ADVISORY: http://secunia.com/advisories/23066/
CRITICAL: Less critical
IMPACT: Exposure of sensitive information
WHERE: From remote
SOFTWARE: Safari 2.x http://secunia.com/product/5289/

DESCRIPTION: A vulnerability has been discovered in Safari, which can be exploited by malicious people to conduct phishing attacks. This may be exploited to steal user credentials via malicious forms in the same domain.
Successful exploitation requires that the "User names and passwords" option is enabled in the AutoFill preferences. The vulnerability is confirmed in version 2.0.4. Other versions may also be affected.

SOLUTION: Disable the "AutoFill" option for user names and passwords in the preferences.

ORIGINAL ADVISORY: https://bugzilla.mozilla.org/show_bug.cgi?id=360493

Trust: 2.07

sources: NVD: CVE-2006-6238 // JVNDB: JVNDB-2006-001671 // BID: 21329 // VULHUB: VHN-22346 // PACKETSTORM: 52591

AFFECTED PRODUCTS

vendor: apple | model: safari | scope: eq | version: 2.0.4

Trust: 2.7

sources: BID: 21329 // JVNDB: JVNDB-2006-001671 // CNNVD: CNNVD-200612-015 // NVD: CVE-2006-6238

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2006-6238
value: MEDIUM

Trust: 1.0

NVD: CVE-2006-6238
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200612-015
value: MEDIUM

Trust: 0.6

VULHUB: VHN-22346
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2006-6238
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-22346
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-22346 // JVNDB: JVNDB-2006-001671 // CNNVD: CNNVD-200612-015 // NVD: CVE-2006-6238

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-6238

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200612-015

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200612-015

CONFIGURATIONS

sources: JVNDB: JVNDB-2006-001671

PATCH

title: Top Page | url: http://www.apple.com/safari/

Trust: 0.8

sources: JVNDB: JVNDB-2006-001671

EXTERNAL IDS

db: NVD | id: CVE-2006-6238

Trust: 2.5

db: BID | id: 21329

Trust: 2.0

db: SECUNIA | id: 23066

Trust: 1.8

db: JVNDB | id: JVNDB-2006-001671

Trust: 0.8

db: CNNVD | id: CNNVD-200612-015

Trust: 0.7

db: VULHUB | id: VHN-22346

Trust: 0.1

db: PACKETSTORM | id: 52591

Trust: 0.1

sources: VULHUB: VHN-22346 // BID: 21329 // JVNDB: JVNDB-2006-001671 // PACKETSTORM: 52591 // CNNVD: CNNVD-200612-015 // NVD: CVE-2006-6238

REFERENCES

url:http://tearesolutions.com/2006/11/how_to_steal_passwords_from_safaris_autofill.html

Trust: 2.0

url:http://www.securityfocus.com/bid/21329

Trust: 1.7

url:http://secunia.com/advisories/23066

Trust: 1.7

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-6238

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-6238

Trust: 0.8

url:http://www.apple.com/safari/

Trust: 0.3

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:http://corporate.secunia.com/products/48/?r=l

Trust: 0.1

url:https://bugzilla.mozilla.org/show_bug.cgi?id=360493

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/product/5289/

Trust: 0.1

url:http://corporate.secunia.com/how_to_buy/15/?r=l

Trust: 0.1

url:http://secunia.com/advisories/23066/

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

sources: VULHUB: VHN-22346 // BID: 21329 // JVNDB: JVNDB-2006-001671 // PACKETSTORM: 52591 // CNNVD: CNNVD-200612-015 // NVD: CVE-2006-6238

CREDITS

David Teare disclosed this weakness in Apple Safari.

Trust: 0.9

sources: BID: 21329 // CNNVD: CNNVD-200612-015

SOURCES

db: VULHUB | id: VHN-22346
db: BID | id: 21329
db: JVNDB | id: JVNDB-2006-001671
db: PACKETSTORM | id: 52591
db: CNNVD | id: CNNVD-200612-015
db: NVD | id: CVE-2006-6238

LAST UPDATE DATE

2024-08-14T14:15:37.108000+00:00


SOURCES UPDATE DATE

db: VULHUB | id: VHN-22346 | date: 2008-09-05T00:00:00
db: BID | id: 21329 | date: 2006-11-29T22:00:00
db: JVNDB | id: JVNDB-2006-001671 | date: 2012-06-26T00:00:00
db: CNNVD | id: CNNVD-200612-015 | date: 2006-12-05T00:00:00
db: NVD | id: CVE-2006-6238 | date: 2008-09-05T21:14:15.787

SOURCES RELEASE DATE

db: VULHUB | id: VHN-22346 | date: 2006-12-03T00:00:00
db: BID | id: 21329 | date: 2006-11-28T00:00:00
db: JVNDB | id: JVNDB-2006-001671 | date: 2012-06-26T00:00:00
db: PACKETSTORM | id: 52591 | date: 2006-11-30T16:12:25
db: CNNVD | id: CNNVD-200612-015 | date: 2006-12-03T00:00:00
db: NVD | id: CVE-2006-6238 | date: 2006-12-03T19:28:00