Apple releases security update for Safari
Apple have released Safari 4.0.3, a security update for the Safari web browser, to address a number of issues. Six problems are addressed, among them critical bugs including a heap buffer overflow in CoreGraphics when drawing long text strings and a buffer overflow when handling EXIF metadata on Windows XP and Vista, which may lead to arbitrary code execution or crashes. Another buffer overflow, this time in WebKit, affects Windows and Mac OS X, and could lead to crashes or malicious code execution.
Other issues include the ability for a malicious web site to promote arbitrary sites into Safari's "Top Sites" page, disclosure of sensitive information and launching of file URLs; the update also fixes the handling of look-alike characters in domain names. A proof of concept exploit has been released publicly for the "Top Sites" issue. The look-alike character issue is a homograph spoofing attack, where a character from one character set, say a Cyrillic "a", is placed where a Latin "a" would be in a domain name. As these characters are visually very similar, it becomes difficult to determine that a domain name actually contains these substituted characters. This allows phishers to, for example, register a domain which appears to be www.paypal.com.
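A defender-side check for the look-alike character issue described above, added here as an illustration and not taken from Apple's fix or Safari's code: it flags domain labels that mix Unicode scripts and returns the name's ASCII (punycode) form. The function names, the sample domains and the approximation of a character's script by its Unicode name are assumptions of this example.

```python
import unicodedata

def char_script(ch):
    """Approximate a character's script by the first word of its Unicode name."""
    if ch.isascii():
        return "LATIN" if ch.isalpha() else "COMMON"  # digits and hyphen are shared
    name = unicodedata.name(ch, "")
    return name.split(" ")[0] if name else "UNKNOWN"

def label_scripts(label):
    """Scripts used in one DNS label, ignoring script-neutral characters."""
    return {char_script(c) for c in label} - {"COMMON"}

def to_ascii_label(label):
    """ASCII form of a label: raw punycode with the xn-- prefix (no full IDNA mapping)."""
    label = label.lower()
    if label.isascii():
        return label
    return "xn--" + label.encode("punycode").decode("ascii")

def analyse_domain(domain):
    """Return (ascii_form, mixed) where mixed lists labels that combine scripts."""
    labels = domain.split(".")
    mixed = [(l, sorted(label_scripts(l))) for l in labels if len(label_scripts(l)) > 1]
    return ".".join(to_ascii_label(l) for l in labels), mixed

# Constructed samples: the second replaces the first Latin "a" with Cyrillic U+0430.
GENUINE = "www.paypal.com"
SPOOFED = "www.p\u0430ypal.com"

if __name__ == "__main__":
    for name in (GENUINE, SPOOFED):
        ascii_form, mixed = analyse_domain(name)
        verdict = "mixed-script label" if mixed else "single script"
        print(f"{ascii_form}: {verdict} {mixed}")
```

A label written entirely in one non-Latin script is not flagged by the mixed-script test; showing the returned ASCII form makes such a name visibly distinct.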
The update is available through Apple's Software Update service, or as a download for Mac OS X 10.4.11, 10.5.7 and 10.5.8, Mac OS X Server 10.4.11, 10.5.7 and 10.5.8, and Windows XP and Vista.