Vulnerabilities for Safari on Windows
<p>Just hours after Apple released Safari for Windows and I wrote about the <a href="http://www.symantec.com/enterprise/security_response/weblog/2007/06/new_technologies_from_apple.html">potential for associated exploits</a>, multiple exploits have been released. This currently includes:</p>
<p><a href="http://www.securityfocus.com/bid/24434">Apple Safari for Windows Protocol Handler Command Injection Vulnerability</a> (BID 24434)<br />
<a href="http://www.securityfocus.com/bid/24431">Apple Safari for Windows Unspecified Denial of Service Vulnerability</a> (BID 24431)<br />
<a href="http://www.securityfocus.com/bid/24433">Apple Safari for Windows Unspecified Remote Code Execution and Denial of Service Vulnerabilities</a> (BID 24433)</p>
<p>Details on the first one have already been released publicly and the other two have been reportedly disclosed to Apple. We have not seen these being used maliciously in the wild, but then again, they were just released hours ago. We definitely expect in-the-wild usage to follow in the future, as well as the discovery of more vulnerabilities.</p>
<p>This Safari release is officially a beta release. Even if these vulnerabilities didn't exist, we wouldn't recommend using beta software in a production environment. Hopefully many of these bugs will be scrubbed before the official release.</p>
http://www.symantec.com/enterprise/security_response/weblog/2007/06/vulnerabilities_for_safari_on.html
http://www.symantec.com/enterprise/security_response/weblog/2007/06/vulnerabilities_for_safari_on.html
Tue, 12 Jun 2007 06:21:17 -0800
06-12-2007, 12:05 PM
Posted
It appears you have not yet registered with our community
which limits what you can do & see. It's Free To register, please click here.
Linear Mode
