BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Re: Apple Safari on MacOSX may reveal user's saved passwords May 15 2007 10:15PM
David Cantrell (d cantrell outcometechnologies com)
Injecting Javascript into a browser like this does *not* require that
the attacker be on the local console. To run Applescript while logged
inremotely using ssh, you can use the 'osascript' utility.

It works for:
the same user using ssh as is on the console;
the root user using ssh (or som...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus