Apple · Ios · CVE-2011-0160
**Name of the Vulnerable Software and Affected Versions**
Apple Safari versions prior to 5.0.4
iOS versions prior to 4.3
**Description**
The issue arises from improper handling of redirects in conjunction with HTTP Basic Authentication. This might allow remote web servers to capture credentials by logging the Authorization HTTP header.
**Recommendations**
For Apple Safari versions prior to 5.0.4, update to version 5.0.4 or later.
For iOS versions prior to 4.3, update to version 4.3 or later.