Safari for Windows ... vulnerability found

muckshifter

muckshifter

I'm not weird, I'm a limited edition.
Moderator
Joined
Mar 5, 2002
Messages
25,739
Reaction score
1,204
Safari for Windows that is…

Thor Larholm has discovered a remote command execution vulnerability in the newly released Safari for Windows (Beta) just a day after it was released. The vulnerability is caused by Safari's failure to validate user-supplied strings before passing them as parameters to external URL protocol handlers. The vulnerability can be exploited to execute arbitrary code on a victim's computer just by making them view a malicious web page in Safari.

Some other vulnerability researchers have reportedly discovered more remote command execution vulnerabilities in Safari. However, as of now, only the vulnerability discovered by Larholm can be independently confirmed.
Click to expand...
... well, it is a Beta product, what do they expect? ;)


:user:
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

New Zero Day IE vulnerability 0
Microsoft patches Windows zero-day found in Hacking Team's leaked docs 4
How to test MDS (Zombieload) patch status on Windows systems 1
Microsoft PowerPoint Code Execution Vulnerability 12
Yahoo! Messenger ActiveX Control Buffer Overflows 0
Spyware not working? 6
Origin exploit discovered, allows EA store to launch malicious code 0
Microsoft Security Bulletins for Feb. 2008 3

Top