Apple Safari window object invalid pointer vulnerability
D-SWAT

  A pointer vulnerability and a security issue have been discovered in Apple Safari, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. According to our observations, exploit code for this vulnerability is publicly available.

  "Apple Safari fails to properly handle references to window objects. Safari can allow a window object to be deleted while references to the object may still exist. If JavaScript code then attempts to use the deleted window object, this can result in the use of an invalid pointer. This pointer can be controlled by an attacker through the use of JavaScript," US-CERT explained.

  The vulnerability and the security issue are confirmed in version 4.0.5 for Windows. Other versions may also be affected.


Workarounds:

  1. Disable JavaScript (e.g. via the "Security" tab in the Safari preferences dialog). Do not authenticate to sites that use HTTP basic authentication and use redirections to different domains.

  2. For more detail, please see the US-CERT document "Securing Your Web Browser".


References:
  http://www.kb.cert.org/vuls/id/943165



Information provided by DrayTek Corp.

