CVE-2015-3754 - High top Gene

Description

The private-browsing implementation in WebKit in Apple Safari before 6.2.8 7.x before 7.1.8 and 8.x before 8.0.8 does not prevent caching of HTTP authentication credentials which makes it easier for remote attackers to track users via a crafted web site.

Reference

https://support.apple.com/kb/HT205033 http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.html http://www.securityfocus.com/bid/76339 http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html http://www.securitytracker.com/id/1033274