This is cache of http://feeds.feedburner.com/~r/Liquidmatrix/~3/316387041/. Cache is the snapshot of article that we took when we index feed.
To see original page click here.
We are not affiliated with the authors of this article and not responsible for its content.
Safari For Windows Vulnerabilities
2008-06-20 18:36:54 by Dave Lewis in Liquidmatrix Security Digest
 

This one came out early this morning.

From Secunia:

Description:
Some vulnerabilities and a security issue have been reported in Apple Safari, which can be exploited by malicious people to disclose sensitive information or to compromise a user’s system.

1) A boundary error within the handling of BMP and GIF images can be exploited to trigger an out-of-bounds read and disclose content in memory.

2) A security issue exists due to Safari automatically launching downloaded executable files from sites in a Internet Explorer 7 zone with the “Launching applications and unsafe files” option set to “Enable”, or sites in the Internet Explorer 6 “Local intranet” or “Trusted sites” zone.

3) An unspecified error in the handling of Javascript arrays can be exploited to cause a memory corruption when a user visits a specially crafted web page.

Successful exploitation of this vulnerability may allow execution of arbitrary code.

The vulnerabilities are reported in Safari for Windows prior to version 3.1.2.

If you’re running it patch ‘er up. Or conversely you could just bite the bullet and get a Mac. (right, and use Firefox with NoScript. thx folks)

:)

Article Link

 
Tags: safari, sites zone, zone, internet explorer, apple safari, sites, vulnerabilities, memory corruption, disclose sensitive information
 
 
 
 
 
TOP SEARCH
Expand / MinimizeClose Widget
  •  
RECENT SEARCH
Expand / Minimize
  •  
RELATED VIDEO
Expand / Minimize
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia