In association with heise online

10 May 2010, 11:37

Zero-day exploit for Safari

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Security company Secunia is warning of a critical vulnerability in Apple's Safari browser. The current version (4.0.5) and possibly older versions are affected. If a user visits a website containing the exploit using the Windows version of Safari, the site can compromise the system and either crash the browser or execute malicious code. The problem is caused by an error in the way the browser deals with pop-ups.

The demo exploit provided by Secunia opens the calculator program in Windows XP Service Pack 2. No cases of the vulnerability being exploited in the wild have been reported to date. Users should nevertheless avoid clicking on links to untrusted websites.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit