Another Batch of Safari Vulnerabilities Exposed

 
 
By Ryan Naraine  |  Posted 2008-04-23 Email Print this article Print
 
 
 
 
 
 
 

Apple's Safari browser is beginning to look like a bullet-ridden car in Iraq.

According to a warning posted to security mailing lists, there are multiple security flaws in Safari 3.1.1 that put users at risk of ID-theft spoofing attacks or, worse, expose them to drive-by malware downloads.

I have confirmed the spoofing bug based on a proof-of-concept provided in the warning. Here's an example:

Another Batch of Safari Vulnerabilities Exposed

Safari is also vulnerable to at least two different denial-of-service attacks that could be more dangerous if hackers find a way to exploit the browser crashes.

In the absence of a patch, Safari users should consider using a different browser--Firefox or Opera.

 
 
 
 
del.icio.us | digg.com
 
 
 
 
 
 

Submit a Comment

Loading Comments...

 
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Rocket Fuel