myITforum.com
Welcome to myITforum.com Sign in | Join | Help
in Search
Site Home Home Bloggers List Blogs Photos Downloads

Harry Waldron - My IT Forums Blog

Sharing Security Developments, and Best Practices for corporate and home users

Apple Safari 3.1 for Windows - Critical security vulnerabilities

Two new critical security advisories have been issued for Apple's new Safari 3.1 Windows browser.

Apple Safari 3.1 for Windows - Critical security vulnerabilities 
http://secunia.com/advisories/29483/

Description: Juan Pablo Lopez Yacubian has discovered two vulnerabilities in Safari, which can be exploited by malicious people to conduct spoofing attacks or potentially compromise a user's system.

1) An error when downloading e.g. a .ZIP file with an overly long filename can be exploited to cause a memory corruption. Successful exploitation may allow execution of arbitrary code.

2) An error in the handling of windows can be exploited to display arbitrary content while showing the URL of a trusted web site in the address bar. The vulnerabilities are confirmed in version 3.1 for Windows. Other versions may also be affected.

Solution Status:  UNPATCHED

Published Mar 25 2008, 10:08 PM by hwaldron

Comments

No Comments

This Blog

Syndication
Copyright - www.myITforum.com, Inc. - 2007 All Rights reserved.
Powered by Community Server (Commercial Edition), by Telligent Systems