All Internet News. Center for all Internet-related news.
Menu

Advanced Search

News Home

Submit an Article

Categories
Advertising
Community
Ecommerce
Internet Crimes
Internet News
Internet Providers
Internet Resources
Internet Security
Internet Services
LASIK - laser eye surgery
Legal Internet
Online Games
Search Engines
Telecom
Web Design and Development
Web Hosting
Weblogs
Wireless

Partner Sites
Contact Us
Privacy Policy

 


Category:

US-CERT Alert: Public Exploit Code for a Vulnerability in Apple Safari Browser

US-CERT Alert: Public Exploit Code for a Vulnerability in Apple Safari Browser

February 21, 2006 -- US-CERT is aware of publicly available exploit code for a vulnerability in Apple Safari Browser. The Apple Safari browser will automatically open "safe" file types, such as pictures, movies, and archive files. A system may be compromised if a user accesses an HTML document that references a specially crafted archive file. Successful exploitation may allow a remote, unauthenticated attacker to execute arbitrary commands with the privileges of the user.

More information can be found in the following US-CERT Vulnerability Note:

* VU#999708 - Apple Safari may automatically execute arbitrary shell commands

Although there is limited information on how to fully defend against this exploit, US-CERT recommends the following mitigation:

* Disable the option "Open 'safe' files after downloading," as specified in the Securing Your Web Browser document.

We will continue to update current activity as more information becomes available.

Source: US-CERT



Source: Wired News
 
Advertisement
 
Categories: Advertising || Community || Ecommerce || Internet Crimes || Internet News || Internet Providers || Internet Resources || Internet Security || Internet Services || LASIK - laser eye surgery || Legal Internet || Online Games || Search Engines || Telecom || Web Design and Development || Web Hosting || Weblogs || Wireless

News Home || Advanced Search || Links || Contact Us || Privacy Policy