VYPR
← All advisories
Unrated severityNVD Advisory· Published Mar 19, 2008· Updated Apr 23, 2026

CVE-2008-1005

CVE-2008-1005

Description

WebCore, as used in Apple Safari before 3.1, does not properly mask the password field when reverse conversion is used with the Kotoeri input method, which allows physically proximate attackers to read the password.

Affected products

16
  • Apple Inc./Safari16 versions
    cpe:2.3:a:apple:safari:0.9:*:*:*:*:*:*:*+ 15 more
    • cpe:2.3:a:apple:safari:0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:1.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:1.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

9

News mentions

0

No linked articles in our index yet.