CVE-2012-3696

Name of the Vulnerable Software and Affected Versions Apple Safari versions prior to 6.0

Description A CRLF injection issue exists, allowing remote attackers to inject arbitrary HTTP headers and conduct HTTP request splitting attacks via a crafted web site that leverages improper WebSockets URI handling.

Recommendations For versions prior to 6.0, update to version 6.0 or later to resolve the issue.