CVE-2012-3694

Name of the Vulnerable Software and Affected Versions Apple Safari versions prior to 6.0

Description The issue allows user-assisted remote attackers to obtain sensitive information about full pathnames via a crafted web site, due to improper handling of drag-and-drop events by WebKit in Apple Safari.

Recommendations For versions prior to 6.0, update to version 6.0 or later to resolve the issue.