lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 24 Jan 2007 06:06:34 +0100
From: Robert Tasarz <>
Subject: Re: Safari Improperly Parses HTML Documents & BlogSpot XSS vulnerability

Jose Avila III wrote:
> Overview:
> Safari on occasions may improperly parse the source of an HTML document,
> which can lead to the execution of html tags within comments. This can
> become dangerous when input filters allow html tags within comments, as
> they will get parsed and executed under certain circumstances.
> Details:
> In some cases you can cause Appleā€™s Safari browser to execute code when
> it should not be executed. In the following example everything within
> the comment, in theory should never be executed; however, safari decides
> to execute the script tag.
> <title>myblog<!--</title></head><body><script
> src=> --></title>
> Blogs hosted on have filter mechanisms for their input;
> however, they will allow you to inject anything within comments. This
> made it possible to cross site script Note: Only Safari
> viewers will be affected.
> Proof of concept:
> Initial release of vulnerability:
> Vendor Response:
> I was unable to get a response from the vendor in regards to this issue
> Questions / Comments:
> Jose (at) onzra (dot) com

As could be expected, the same problem exists in Konqueror (tested
v.3.5.5 on Debian GNU/Linux Sid).

  Robert Tasarz

Powered by blists - more mailing lists