lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 21 Nov 2003 10:04:54 +0900 From: vm_converter <vm_converter@....com> To: bugtraq@...urityfocus.com Subject: Re: Apple Safari 1.1 (v100) On Wednesday, Nov 19, 2003, at 02:28 Asia/Tokyo, Austin Gilbert wrote: > it appears that Apple's Safari is vulnerable to the > old Mozilla/IE cookie theft vulnerability outlined by > Marc Slemko > http://alive.znep.com/~marcs/security/mozillacookie/ All the versions of Safari from ver. 1.0 (v85) through 1.1 (v100.1) are also vulnerable. Security Update 2003-11-19 is not the mitigation for this vuln. For temporary solution, Hetima Computer <http://hetima.com/> releases fix-patch. CookieMonsterFix <http://hetima.com/soft/cookiemonsterfix.html> Although this page is mainly written in Japanese, scroll down to the bottom of page and read the "Description in English". Use it at YOUR OWN RISK. -- vm_converter
Powered by blists - more mailing lists