Funny how Apple decided to go patch the 1 year old Perl_sv_vcatpvfn bug
now, after Kevin pointed it out on the list the other day.

http://www.securityfocus.com/bid/15629

On 24 Nov 2006, at 3:12am, K F (lists) wrote:

> kevin-finisterres-computer:~ kf$ gdb -q perl
> Reading symbols for shared libra

[ more ]  [ reply ]

Looks like Safari is prone to a cached password issue similar to the one
recently reported in Firefox:

http://tearesolutions.com/2006/11/how_to_steal_passwords_from_safaris_au
tofill.html

While it isn't earth shattering, it still can be a problem for users of
sites like MySpace.

Marc Fossi
Syman

[ more ]  [ reply ]

First reported by the Finnish Information Security company, F-Secure
(http://www.f-secure.com/weblog/archives/
archive-112006.html#00001030), a new proof-of-concept piece of
malware that specifically targets OS X has been identified. Dubbed
IAdware, the PoC is designed to open the browser ev

[ more ]  [ reply ]

[ Please forgive the top-posting ]

Well, following the Securityfocus vuln note (which you've elided, Simon)
at:

http://www.securityfocus.com/bid/15629

Let's look at the SF Bugtraq entry there. We see on the Info tab:

Bugtraq ID: 15629
Class: Input Validation Error
[ ... ]
CVE:

[ more ]  [ reply ]