SecurityFocus

Apple Safari: cookie stealing Jun 13 2007 10:34AM
Robert Swiecki (jagger swiecki net) (2 replies)

Re: [Full-disclosure] Apple Safari: urlbar/window title spoofing Jun 14 2007 11:31PM
Robert Swiecki (jagger swiecki net) (2 replies)

Re: Apple Safari: idn urlbar spoofing Jun 25 2007 08:33PM
Robert Swiecki (jagger swiecki net) (1 replies)

RE: [Full-disclosure] Apple Safari: idn urlbar spoofing Jun 25 2007 09:15PM
Larry Seltzer (Larry larryseltzer com) (1 replies)

Re: [Full-disclosure] Apple Safari: idn urlbar spoofing Jun 25 2007 09:22PM
Michal Zalewski (lcamtuf dione ids pl) (1 replies)

Re: Apple Safari: idn urlbar spoofing Jun 27 2007 09:27AM
Robert Swiecki (jagger swiecki net)

Re: [Full-disclosure] Apple Safari: urlbar/window title spoofing Jun 15 2007 02:07PM
Mark Senior (senatorfrog gmail com)

Re: [Full-disclosure] Apple Safari: cookie stealing Jun 13 2007 02:46PM
Michal Zalewski (lcamtuf dione ids pl)

On Wed, 13 Jun 2007, Robert Swiecki wrote:

> The flaw exists in the javascript's window.setTimeout() implementation.

Forgive me the rant, but... all other recently reported problems aside,
seeing this, I can only ask - which rock did Safari developers hide under
for the past 8 years or so?

I mean... this is the type of a flaw you probably no longer even to test
for because it seems too obvious - 'ping -l 65510' of the browser world...

/mz

[ reply ]