Apple Safari HTTPS to HTTPS Referer Information Disclosure Vulnerability

Bugtraq ID:	30193
Class:	Design Error
CVE:	CVE-2008-3171
Remote:	Yes
Local:	No
Published:	Jul 12 2008 12:00AM
Updated:	May 07 2015 05:27PM
Credit:	Alex aka kuza55
Vulnerable:	Apple Safari 3.1.2 for Windows Apple Safari 3.1.2
Not Vulnerable:

Apple Safari HTTPS to HTTPS Referer Information Disclosure Vulnerability

Apple Safari is prone to an information-disclosure vulnerability because the browser forwards HTTP Referer data in HTTPS requests made from secure HTTPS servers.

Information gathered by an attacker who exploits this vulnerability can aid in further attacks.

Safari 3.1.2 is vulnerable; other versions may also be affected.

Apple Safari HTTPS to HTTPS Referer Information Disclosure Vulnerability

To exploit this issue an attacker would have to wait for a user of the application to follow a URI from an HTTPS server to an arbitrary HTTPS server that the attacker has control of or where they can view activity logs.

Apple Safari HTTPS to HTTPS Referer Information Disclosure Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Apple Safari HTTPS to HTTPS Referer Information Disclosure Vulnerability

References:

• Safari Homepage (Apple)
  
• Some Random Safari Notes (Alex's Corner)