CVE-2012-3694

WebKit in Apple Safari before 6.0 does not properly handle drag-and-drop events, which allows user-assisted remote attackers to obtain sensitive information about full pathnames via a crafted web site.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
applesafari
𝑥
≤ 5.1.7
applesafari
1.0
applesafari
1.0:beta
applesafari
1.0:beta2
applesafari
1.0.0
applesafari
1.0.0b1:b1
applesafari
1.0.0b2:b2
applesafari
1.0.1
applesafari
1.0.2
applesafari
1.0.3
applesafari
1.0.3:85.8
applesafari
1.0.3:85.8.1
applesafari
1.0b1:b1
applesafari
1.1
applesafari
1.1.0
applesafari
1.1.1
applesafari
1.2
applesafari
1.2.0
applesafari
1.2.1
applesafari
1.2.2
applesafari
1.2.3
applesafari
1.2.4
applesafari
1.2.5
applesafari
1.3
applesafari
1.3.0
applesafari
1.3.1
applesafari
1.3.2
applesafari
1.3.2:312.5
applesafari
1.3.2:312.6
applesafari
2.0
applesafari
2.0.0
applesafari
2.0.1
applesafari
2.0.2
applesafari
2.0.3
applesafari
2.0.3:417.8
applesafari
2.0.3:417.9
applesafari
2.0.3:417.9.2
applesafari
2.0.3:417.9.3
applesafari
2.0.4
applesafari
2.0.4
applesafari
3.0
applesafari
3.0.0
applesafari
3.0.0
applesafari
3.0.0b:b
applesafari
3.0.0b:b
applesafari
3.0.1
applesafari
3.0.1
applesafari
3.0.1:beta
applesafari
3.0.1b:b
applesafari
3.0.1b:b
applesafari
3.0.2
applesafari
3.0.2
applesafari
3.0.2b:b
applesafari
3.0.2b:b
applesafari
3.0.3
applesafari
3.0.3
applesafari
3.0.3b:b
applesafari
3.0.3b:b
applesafari
3.0.4
applesafari
3.0.4
applesafari
3.0.4b:b
applesafari
3.0.4b:b
applesafari
3.1.0
applesafari
3.1.0
applesafari
3.1.0b:b
applesafari
3.1.0b:b
applesafari
3.1.1
applesafari
3.1.1b:b
applesafari
3.1.2
applesafari
3.1.2b:b
applesafari
3.2.0
applesafari
3.2.0b:b
applesafari
3.2.1
applesafari
3.2.1b:b
applesafari
3.2.2
applesafari
3.2.2b:b
applesafari
4.0
applesafari
4.0:beta
applesafari
4.0.0b:b
applesafari
4.0.1
applesafari
4.0.2
applesafari
4.0.3
applesafari
4.0.4
applesafari
4.0.5
applesafari
4.1
applesafari
4.1.1
applesafari
4.1.2
applesafari
5.0
applesafari
5.0.1
applesafari
5.0.2
applesafari
5.0.4
applesafari
5.0.5
applesafari
5.0.6
applesafari
5.1
applesafari
5.1.1
applesafari
5.1.2
applesafari
5.1.3
applesafari
5.1.4
applesafari
5.1.5
applesafari
5.1.6
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html
http://support.apple.com/kb/HT5400
http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html
http://support.apple.com/kb/HT5400