CDRInfo Forum CDRInfo Forum

Forums  Register  Login  My Profile  Inbox  Address Book  My Subscription  My Forums 

Photo Gallery  Member List  Search  Calendars  FAQ  Ticket List  Log Out

Safari 4.0.2 patches two security vulnerabilities.   Logged in as: Guest
Viewers: 704 You can click here to see Today's Posts | Most Active Topics | Posts Since Last Visit
  Printable Version
All Forums >> [News Around The Web] >> Software News >> Safari 4.0.2 patches two security vulnerabilities. Page: [1]
Login
Message << Older Topic   Newer Topic >>
Safari 4.0.2 patches two security vulnerabilities. - 7/9/2009 6:46:25 AM   
astra

 

Posts: 462
Joined: 4/1/2009
Status: offline
Apple yesterday released Safari 4.0.2 via Software Update and recommends the update for users on all platforms.

According to Apple's typically vague “release notes” the 40.2MB update improves the stability of the Nitro JavaScript engine and includes the latest compatibility and security fixes.

According to the knowledgebase article HT3666 the update addresses two security vulnerabilities that could be exploited by maliciously crafted Web sites.

The first security fix addresses a problem in WebKit's handling of parent and top objects which may result in a cross-site scripting attack when visiting a maliciously crafted Web site.

The second addresses a memory corruption issue in WebKit's handling of numeric character references.

Visiting a maliciously crafted Web site may lead to an unexpected application termination or arbitrary code execution.

If you use Safari 4 as your primary browser the update is highly recommended.


http://www.zdnet.com/


Post #: 1
Page:   [1]
All Forums >> [News Around The Web] >> Software News >> Safari 4.0.2 patches two security vulnerabilities. Page: [1]
Jump to:





New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts




Forum Software © ASPPlayground.NET Advanced Edition 2.4.5 ANSI

0.047