Sunday, December 21, 2014
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
Samsung Introduces SE790C Curved Monitor
Chinese Motion-sensing VR Glasses Coming On Kickstarter
Kodak Returns To CES With Consumer Product Line
North Korea Suggests Joint Inverstigation With U.S. Over Sony Hacking
T-Mobile to Pay $90 Million To Settle Case With FCC
New Trojan Targetted Banks Wordlwide
FBI Confirms North Korea Was Behind Sony Hack
Apple Responds To BBC's Allegations Over Working Conditions In Chinese Factory
Active Discussions
Digital Audio Extraction and Plextools
Will there be any trade in scheme for the coming PSP Go?
Hello, Glad to be Aboard!!!
Best optical drive for ripping CD's? My LG 4163B is mediocre.
Hi All!
cdrw trouble
CDR for car Sat Nav
DVD/DL for Optiarc 7191S at 8X
 Home > News > General Computing > Researc...
Last 7 Days News : SU MO TU WE TH FR SA All News

Tuesday, May 11, 2010
Researchers Reveal Important Safari Vulnerability


Danish vulnerability tracker Secunia found a vulnerability and a security issue in Apple's Safari browser.

According to Secunia, the security issue can lead to exposure of sensitive information and the vulnerability can be exploited by malicious people to compromise a user's system.

An error in the handling of parent windows can result in a function call using an invalid pointer. This can be exploited to execute arbitrary code when a user e.g. visits a specially crafted web page and closes opened pop-up windows, Secunia announced.

The security issue is caused due to Safari including HTTP basic authentication credentials in an HTTP request if a web page that requires HTTP basic authentication redirects to a different domain (e.g. via a "Location" header).

The vulnerability and the security issue are confirmed in Safari version 4.0.5 for Windows.

The company recommends users not to visit untrusted web sites or follow links from untrusted sources. In addition, users should not authenticate to sites that use HTTP basic authentication and use redirections to different domains.

US-CERT also confirmed the vulnerability affecting Apple Safari.

"By convincing a user to open a specially crafted web page, an attacker may be able to execute arbitrary code. Exploit code for this vulnerability is publicly available," US-CERT said.

US-CERT encourages users and administrators to disable JavaScript until a fix is provided by Apple.




Previous
Next
Sharp Develops 3D Camera Module for Mobile Devices Capable of Capturing HD 3D Video        All News        Report: $51 Billion Lost to Software Piracy in 2009
US Patent Office Affirms i4i Patent - Rejects Microsoft Challenge     General Computing News      Report: $51 Billion Lost to Software Piracy in 2009

Get RSS feed Easy Print E-Mail this Message

Related News
Apple Responds To BBC's Allegations Over Working Conditions In Chinese Factory
Jury Says Apple Not Guilty in iPod Suit
Apple and IBM Bring Big Data Analytics and Security Capabilities on iPhone And iPad
Samsung Seeks to Toss $930 Million Award
iPhone 6 Plus Captures Great Portion Of US "phablet" Sales
Apple Technology Protects Falling Phones
New 12-inch iPad Air Plus iPad Coming This Summer
Apple To Donate Part of App Sales Profit To Support Fight Against AIDS
Apple To Bundle Beats to iOS: report
Apple WatchKit Software Tools Now Available
UnionPay Payment Option Now Available For or Chinese Apple Customers
Samsung To Make Future Application Processors For Apple: report

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2014 - All rights reserved -
Privacy policy - Contact Us .