Safari 4.0.2 patches two security vulnerabilities. (Full Version)

All Forums >> [News Around The Web] >> Software News


astra -> Safari 4.0.2 patches two security vulnerabilities. (7/9/2009 6:46:25 AM)

Apple yesterday released Safari 4.0.2 via Software Update and recommends the update for users on all platforms.

According to Apple's typically vague “release notes” the 40.2MB update improves the stability of the Nitro JavaScript engine and includes the latest compatibility and security fixes.

According to the knowledgebase article HT3666 the update addresses two security vulnerabilities that could be exploited by maliciously crafted Web sites.

The first security fix addresses a problem in WebKit's handling of parent and top objects which may result in a cross-site scripting attack when visiting a maliciously crafted Web site.

The second addresses a memory corruption issue in WebKit's handling of numeric character references.

Visiting a maliciously crafted Web site may lead to an unexpected application termination or arbitrary code execution.

If you use Safari 4 as your primary browser the update is highly recommended.

Page: [1]

Valid CSS!

Forum Software © ASPPlayground.NET Advanced Edition 2.4.5 ANSI