Friday, May 25, 2018
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
Seagate's New VR Power Drive Adds Capacity and Extends Battery Life of the HTC VIVE Focus VR Headset
Samsung Should Pay Apple $539 million in Patent Retrial
Amazon Admits Alexa Eavesdropped and Shared Conversation
Twitter and Facebook Reveal Measures to Bring Transparency to Political Ads
Lenovo's PC Sales Shows Signs of Life, Although Smartphones Sales Remain Low
Uber's Self-driving Recognized Pedestrian Late and Failed to Brake: NTSB
Qualcomm Snapdragon 710 Mobile Platform Brings Artificial Intelligence Features to a New Tier of Smartphones
Intel Nervana NNP-L1000 Neural Network Processor Coming in 2019
Active Discussions
Which of these DVD media are the best, most durable?
How to back up a PS2 DL game
Copy a protected DVD?
roxio issues with xp pro
Help make DVDInfoPro better with dvdinfomantis!!!
menu making
Optiarc AD-7260S review
cdrw trouble
 Home > News > General Computing > Researc...
Last 7 Days News : SU MO TU WE TH FR SA All News

Tuesday, May 11, 2010
Researchers Reveal Important Safari Vulnerability


Danish vulnerability tracker Secunia found a vulnerability and a security issue in Apple's Safari browser.

According to Secunia, the security issue can lead to exposure of sensitive information and the vulnerability can be exploited by malicious people to compromise a user's system.

An error in the handling of parent windows can result in a function call using an invalid pointer. This can be exploited to execute arbitrary code when a user e.g. visits a specially crafted web page and closes opened pop-up windows, Secunia announced.

The security issue is caused due to Safari including HTTP basic authentication credentials in an HTTP request if a web page that requires HTTP basic authentication redirects to a different domain (e.g. via a "Location" header).

The vulnerability and the security issue are confirmed in Safari version 4.0.5 for Windows.

The company recommends users not to visit untrusted web sites or follow links from untrusted sources. In addition, users should not authenticate to sites that use HTTP basic authentication and use redirections to different domains.

US-CERT also confirmed the vulnerability affecting Apple Safari.

"By convincing a user to open a specially crafted web page, an attacker may be able to execute arbitrary code. Exploit code for this vulnerability is publicly available," US-CERT said.

US-CERT encourages users and administrators to disable JavaScript until a fix is provided by Apple.




Previous
Next
Sharp Develops 3D Camera Module for Mobile Devices Capable of Capturing HD 3D Video        All News        Report: $51 Billion Lost to Software Piracy in 2009
US Patent Office Affirms i4i Patent - Rejects Microsoft Challenge     General Computing News      Report: $51 Billion Lost to Software Piracy in 2009

Get RSS feed Easy Print E-Mail this Message

Related News
Samsung Should Pay Apple $539 million in Patent Retrial
Apple to Offer $50 Rebates for iPhone Battery Swaps
Next Generation A12 iPhone Chips Are Already in production On TSMC's 7nm Process
Apple CEO Says Apple Music Hits 50 Million Subscribers
Apple Will Not Build $1 billion Data Center in Ireland
Apple's Record Profit Shrugs Off iPhone Sales Fears
European Regulators Investigate Apple's Proposed Acquisition of Shazam
Apple to Replace Some MacBook Pro Laptop Batteries
LG Display's OLED Smartphone Screens Still Not Ready For Apple
Apple Said to Release News Subscription Service
Apple Caught Employees and Contractors Leaking Company's Unannounced Projects
Apple introduces iPhone 8 and iPhone 8 Plus (PRODUCT)RED Special Edition

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2018 - All rights reserved -
Privacy policy - Contact Us .