Saturday, May 25, 2013
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
GIGABYTE Launches the BRIX PC Kit
Google To Offer Wireless Networks In Emerging Markets: report
Yahoo Among The Bidders For Hulu
Xbox One To Support 3D Gaming and 4K Video
Xbox One Available For Pre-order For 599 Euros
Panasonic, Toshiba Showcase High-resolution Flexible OLED Displays
Nokia Files New Complaint Against HTC
Verbatim V3 MAX USB 3.0 Flash Drives Available In Europe
Active Discussions
Windows 64
CDR for car Sat Nav
deleted
CD Drive Retrieve
burning
Extremely Slow External CD (Samsung SE-S084C)
Best optical drive for ripping CD's? My LG 4163B is mediocre.
Verbatim DVD+R still tops?
 Home > News > General Computing > Researc...
Last 7 Days News : SU MO TU WE TH FR SA All News

Tuesday, May 11, 2010
Researchers Reveal Important Safari Vulnerability

Danish vulnerability tracker Secunia found a vulnerability and a security issue in Apple's Safari browser.

According to Secunia, the security issue can lead to exposure of sensitive information and the vulnerability can be exploited by malicious people to compromise a user's system.

An error in the handling of parent windows can result in a function call using an invalid pointer. This can be exploited to execute arbitrary code when a user e.g. visits a specially crafted web page and closes opened pop-up windows, Secunia announced.

The security issue is caused due to Safari including HTTP basic authentication credentials in an HTTP request if a web page that requires HTTP basic authentication redirects to a different domain (e.g. via a "Location" header).

The vulnerability and the security issue are confirmed in Safari version 4.0.5 for Windows.

The company recommends users not to visit untrusted web sites or follow links from untrusted sources. In addition, users should not authenticate to sites that use HTTP basic authentication and use redirections to different domains.

US-CERT also confirmed the vulnerability affecting Apple Safari.

"By convincing a user to open a specially crafted web page, an attacker may be able to execute arbitrary code. Exploit code for this vulnerability is publicly available," US-CERT said.

US-CERT encourages users and administrators to disable JavaScript until a fix is provided by Apple.

Previous
 		Next
Sharp Develops 3D Camera Module for Mobile Devices Capable of Capturing HD 3D Video        All News        Report: $51 Billion Lost to Software Piracy in 2009
US Patent Office Affirms i4i Patent - Rejects Microsoft Challenge     General Computing News      Report: $51 Billion Lost to Software Piracy in 2009
Get RSS feed Easy Print E-Mail this Message
Related News
Apple Adds Galaxy S4 To Patent Infrigment Battle With Samsung
U.S. Pentagon Approves Military-use Of iOS 6 Devices
Android Trumping Apple In Smartphone Market
Apple's App Store Marks 50 Billionth Download
EU Regulators Say Google-owned Motorola Abused Its Position
U.S. Smartphone Market Gives Push To Apple's Share
Apple's Profit Decreased
US ITC Clears Apple Of Google Patent Violation
Apple Reportedly Moving Away From Samsung's Semiconductors
Apple In Talks With Yahoo On iPhone Partnership
U.S. Patent Office Withdraws Rejection of Apple's iPad Mini Trademark
Judge Says Samsung Infringes Part Of Apple Patent

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2013 - All rights reserved -
Privacy policy - Contact Us .