:: Deepquest ::

Secunia Security Advisory – A weakness has been discovered in Apple Safari, which can be exploited by malicious people to disclose sensitive information.

This Metasploit module exploits a vulnerability found in Apple Safari on OSX platform. A policy issue in the handling of file:// URLs may allow arbitrary remote code execution under the context of the user. In order to trigger arbitrary remote code execution, the best way seems to be opening a share on the victim machine first (this can be SMB/WebDav/FTP, or a fileformat that OSX might automount), and then execute it in /Volumes/[share]

Apple Safari versions prior to 5.1.1 fail to enforce an intended policy for file:// URLs and in turn allows for remote attackers to execute code.

Apple Safari versions 5.0 and later on Mac OS and Windows are vulnerable to a directory traversal issue with the handling of “safari-extension://” URLs. Attackers can create malicious websites that trigger Safari to send files from the victim’s system to the attacker. Arbitrary Javascript can be executed in the web context of the Safari extension.

Secunia Security Advisory – A weakness and multiple vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, disclose potentially sensitive information, and compromise a user’s system.

Secunia Security Advisory – A weakness and multiple vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to disclose sensitive information, manipulate certain data, conduct cross-site scripting and spoofing attacks, bypass certain security restrictions, and compromise a user’s system.

Zero Day Initiative Advisory 11-140 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari WebKit.

Secunia Security Advisory – Multiple vulnerabilities and weaknesses have been reported in Apple Safari, which can be exploited by malicious people to bypass certain security restrictions, conduct spoofing attacks, or compromise a user’s system.