Focus on Apple
Safari for Windows: "0 Day Exploit in 2 Hours" Jun 12 2007 07:35PM
Todd Woodward (todd_woodward symantec com) (1 replies)
Re: Safari for Windows: "0 Day Exploit in 2 Hours" Jun 12 2007 07:47PM
mfossi securityfocus com
The exploit also works on Safari 3.0 beta for OS X and Safari 2.0
(launches Firefox but the browser doesn't crash 2.0). There was a similar,
still unpatched issue reported in Safari 2.0 using the ssh: protocol
handler, so the two issues may be related or an overall issue with
Safari's URL protocol handlers.

The earlier issue:
http://www.securityfocus.com/bid/10406

On Tue, 12 Jun 2007, Todd Woodward wrote:

> Yesterday at WWDC, a public beta of Safari for Windows was released. For the purposes of this list and discussion, it appears that a 0 day flaw was discovered.
>
> A colleague "pinged" me with the following article:
>
> http://larholm.com/2007/06/12/safari-for-windows-0day-exploit-in-2-hours
/
>
>
> Security Response Researcher
> Focus-Apple Moderator
>  
> ________________________________________
> Todd D. Woodward
> Technical Support Engineer
> NetBackup Support
> Symantec Corporation
> www.symantec.com
> ________________________________________
> Office: 541-335-7441
>

Marc Fossi
Symantec Corp.
www.symantec.com

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus