Focus on Apple
Apple Releases Safari 3 Beta Update 3.0.2 Jun 23 2007 12:59AM
Todd Woodward (todd_woodward symantec com)
No direct link to a Knowledge Base document on Apple's site.

Here is a short description:

Safari
In Safari Beta 3.0.1 for Windows, a timing issue allows a web page to change the contents of the address bar without loading the contents of the corresponding page. This could be used to spoof the contents of a legitimate site, allowing user credentials or other information to be gathered. This update addresses the issue by restoring the address bar contents if a request for a new web page is terminated.

Safari's security model prevents JavaScript in remote web pages from modifying pages outside of their domain. A race condition in page updating combined with HTTP redirection may allow JavaScript from one page to modify a redirected page. This could allow cookies and pages to be read or arbitrarily modified. This update addresses the issue by correcting access control to window properties.

WebCore
An HTTP injection issue exists in XMLHttpRequest when serializing headers into an HTTP request. By enticing a user to visit a maliciously crafted web page, an attacker could conduct cross-site scripting attacks. This update addresses the issue by performing additional validation of header parameters.

WebKit
An invalid type conversion when rendering frame sets could lead to memory corruption. Visiting a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution.

###

Security Response Researcher
Focus-Apple Moderator
________________________________________
Todd D. Woodward
Technical Support Engineer
NetBackup Support
Symantec Corporation
www.symantec.com
________________________________________
Office: 541-335-7441
________________________________________

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus