Apple · Safari · CVE-2012-3694
**Name of the Vulnerable Software and Affected Versions**
Apple Safari versions prior to 6.0
**Description**
The issue allows user-assisted remote attackers to obtain sensitive information about full pathnames via a crafted web site, due to improper handling of drag-and-drop events by WebKit in Apple Safari.
**Recommendations**
For versions prior to 6.0, update to version 6.0 or later to resolve the issue.