Apple Safari Directory Traversal

Posted by deepcore on October 15, 2011 – 4:09 am

Apple Safari versions 5.0 and later on Mac OS and Windows are vulnerable to a directory traversal issue with the handling of “safari-extension://” URLs. Attackers can create malicious websites that trigger Safari to send files from the victim’s system to the attacker. Arbitrary Javascript can be executed in the web context of the Safari extension.

Read more from the original source:
Apple Safari Directory Traversal

Tags: Apple, apple-safari, victim
This post is under “Apple, OSX security tools” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« http://www.deqp.go.th Apple Safari Arbitrary Code Execution »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Apple Safari Directory Traversal

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL