Linked by Thom Holwerda on Tue 21st Feb 2006 17:59 UTC
Mac OS X "[Last week], we reported on a Trojan horse for Mac OS X that is just like the entry for Earth in the Hitchhiker's Guide to the Galaxy in that it is mostly harmless. A new vulnerability targeted at Apple's home-grown web browser, Safari, is another matter entirely. A German security firm appears to have been the first to discover the Safari flaw, which allows for shell scripts to be executed after clicking a link."
Thread beginning with comment 97916
To read all comments associated with this story, please click here.
meta refresh tag
by ApproachingZero on Tue 21st Feb 2006 19:55 UTC
Member since:

You can use the meta refresh tag to automatically download a file to a user's machine if they're using Safari. Combine that with this vulnerability, and all the user has to do is visit a web page in order for shell scripts to be executed on his/her system.

Switch to Camino, folks.

Reply Score: 2

RE: meta refresh tag
by PowerMacX on Wed 22nd Feb 2006 10:31 in reply to "meta refresh tag"
PowerMacX Member since:

Just disabling the "Open safe files" setting in Safari would be enough. Nonetheless, Camino (now at 1.0!) is indeed very nice.

Reply Parent Score: 1