CVE-2011-0217

Name of the Vulnerable Software and Affected Versions Apple Safari versions prior to 5.0.6

Description The issue allows remote attackers to obtain Address Book information via a crafted form. This occurs because Apple Safari provides AutoFill information to scripts that execute before HTML form submission.

Recommendations For versions prior to 5.0.6, update to version 5.0.6 or later to resolve the issue. As a temporary workaround, consider disabling the AutoFill feature until a patch is available. Restrict access to sensitive information stored in the Address Book to minimize the risk of exploitation.