Apple plugs three Safari for Windows holes Comments

ZDNet Blogs by Ryan Naraine - Jun 14, '07 9:38am
Add to Favorites Add to Live.com Add to Google Add to del.icio.us Add to Yahoo! Add to Digg Add to Reddit Add to Technorati Add to StumbleUpon Apple has responded swiftly to the discovery of vulnerabilities in its new Safari for Windows browser, rushing out fixes for a trio of potentially dangerous security flaws. The new Safari 3.0.1 Public Beta confirms and fixes a remote code execution hole found by Danish hacker Thor Larholm and two other undocumented denial-of-service/code execution bugs. "By enticing a user to visit a maliciously crafted web page, an attacker can trigger the issue which may lead to arbitrary code execution. This update addresses the issue by performing additional processing and validation of URLs," Apple said in an advisory. Larholm confirms the bug has been fixed but suggests there may still be some related problems: Quotes and whitespace [are] now filtered on any...
Be the first to comment this.
Name: (required)
Email:   (not displayed, optional)
URL:     (optional)
          Remember info in safe cookie
Comments: (all HTML will be stripped)

Security Code:
© 2007 · wiredb.com · All trademarks are properties of their respective owners.