lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20070516142214.20977.qmail@securityfocus.com>
Date: 16 May 2007 14:22:14 -0000
From: poplix@...uasia.org
To: bugtraq@...urityfocus.com
Subject: RE: Apple Safari on MacOSX may reveal user's saved passwords

John, i dont know how to exploit this without the execution of an applescript that's not possible if the victim user doesn't confirm it.
if you've found a way to execute applescripts by simply accessing a website it would be a much more interesting kind of vulnerability.
imho i see no other way to do this..
any suggestion is really appreciated

thanks,
-p

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ