Date: Wed, 13 Jun 2007 10:37:33 -0400
From: "Joey Mengele" <joey.mengele@...hmail.com>
To: <bugtraq@...urityfocus.com>, <full-disclosure@...ts.grok.org.uk>, <jagger@...ecki.net>
Subject: Re: Apple Safari: cookie stealing

curl 7.15.1 compiled from source on RHEL 4 is not affected. Can anyone else confirm?

J

On Wed, 13 Jun 2007 06:34:42 -0400 Robert Swiecki <jagger@...ecki.net> wrote:
>There is a vulnerability in Apple Safari that allows an attacker to
>steal a cookie belonging to an arbitrary domain and/or fill the browser
>window with arbitrary content, whereas the URL bar and the browser's
>window title are derived from the selected domain.
>
>The flaw exists in the JavaScript window.setTimeout() implementation.
>The content of the timer-triggered function is processed after the
>window.location property is changed.
>
>Tested with Apple Safari 3.0 (522.11.3) on MS Windows 2003 SE SP2
>
>http://alt.swiecki.net/safc.html
>
>--
>Robert Swiecki
>http://www.swiecki.net
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/