Apple Safari For Windows Critical Vulnerabilities
Two new highly critical security advisories have been issued for Apple’s new Safari 3.1 Windows browser.
Juan Pablo Lopez Yacubian has discovered and provided two vulnerabilities in Safari, which can be exploited by malicious users to conduct spoofing attacks or potentially compromise a remote system.
1) An error when downloading, for example, a .ZIP file with an overly long filename can be exploited to cause a memory corruption. Successful exploitation may allow execution of arbitrary code.
2) An error in the handling of windows can be exploited to display arbitrary content while showing the URL of a trusted web site in the address bar.
The vulnerabilities are confirmed in version 3.1 for Windows. Other versions may also be affected.
Temporal Solution: Do not browse untrusted web sites.
Solution Status: UNPATCHED
More on CyberInsecure:
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.