:: Deepquest ::

A new security flaw has been discovered in OSX, allowing safari to run a trustable attachment in the systement. Check the details for a POC (Proof of Concept).

[url=http://deepquest.code511.com/blog/images/uploads/videos/Mac-TV-Stream.mov.zip]This link[/url] will download an harmless fake movie and will open a terminal and display a small text message.

[b]Vulnerable:[/b] 10.4.5 and previous
[b]Solution:[/b] none at this time, disable open trusted documents.
[b]Credits:[/b] Michael Lehn