The private-browsing implementation in WebKit in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 places browsing history into an index, which might allow local users to obtain sensitive information by reading index entries.
| Date Added | Due Date | Vulnerability Name | Required Action |
|---|---|---|---|
| N/A |
| Type | Version | Base score | Base severity | Vector |
|---|---|---|---|---|
| Primary | 2.0 | 2.1 | LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N |
| Hyperlink | Source | Resource |
|---|---|---|
| http://lists.apple.com/archives/security-announce/2015/Apr/msg00000.html | product-security@apple.com | Vendor Advisory |
| http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html | product-security@apple.com | N/A |
| http://www.securitytracker.com/id/1032047 | product-security@apple.com | N/A |
| http://www.ubuntu.com/usn/USN-2937-1 | product-security@apple.com | N/A |
| https://support.apple.com/HT204658 | product-security@apple.com | Vendor Advisory |
| http://lists.apple.com/archives/security-announce/2015/Apr/msg00000.html | af854a3a-2127-422b-91ae-364da2661108 | Vendor Advisory |
| http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.securitytracker.com/id/1032047 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.ubuntu.com/usn/USN-2937-1 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| https://support.apple.com/HT204658 | af854a3a-2127-422b-91ae-364da2661108 | Vendor Advisory |