You are here: silicon.com > Software > Applications

Applications

Apple patches more Safari holes

Windows browser made better..

Printer Friendly Email Story RSS

By Ryan Naraine

Published: 25 June 2007 08:52 GMT

Apple has refreshed its new Safari for Windows browser to patch a pair of vulnerabilities that could cause spoofing and HTTP redirection attacks.

This is the second batch of updates shipped for the beta browser since Apple's heavily hyped release of its flagship browser to the Windows ecosystem.

Both vulnerabilities affect Windows XP and Windows Vista users while one patch is available for Safari on the Mac OS X.

Details on the latest patches:

CVE-2007-2398 - In Safari Beta 3.0.1 for Windows, a timing issue allows a web page to change the contents of the address bar without loading the contents of the corresponding page. This could be used to spoof the contents of a legitimate site, allowing user credentials or other information to be gathered.

CVE-2007-2400 –Safari’s security model prevents JavaScript in remote web pages from modifying pages outside of their domain. A race condition in page updating combined with HTTP redirection may allow JavaScript from one page to modify a redirected page. This could allow cookies and pages to be read or arbitrarily modified. This issue affects Mac OS X users.

Ryan Naraine writes for ZDNet.com

Add Comment Add comment  Printer Friendly Print story with   Email Story Email story  
In
Applications

Operating Systems

SOA/Web Services

Malware

Security Strategy


Related Links

Apple goes on a security Safari with browser patches

iPhone gets first update

Minority Report: Steve Jobs fails to wow

Apple plugs 20 OS X holes

Safari users warned of Mac OS X flaw

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

Bob Tarzey Why you must rein in your power users When they do damage, it can be catastrophic to your business

Jon Collins Is losing a mobile device really such a big deal? How to minimise the damage to your business


eBay app lets users bid from a BlackBerry

ID card database: 500 names added in first month

IT skills shortage squashed by recession?

Pay for IT chiefs weathers the storm

Salesforce.com plans social networking for business



  • Jobs
iPhone/Mac Software Engineer

Experience Required: - A minimum of 2 years experience of software development for iPhone and/or Mac OS X using Cocoa and Objective C Understanding ...

Mac/PC Support Engineer –Mac OSX, Adobe, Quark, Windows, Server 2003, AD

Technical skills Mac OS X, preferably 10.4-10.6 Basic hardware knowledge Remote Desktop for Mac and Windows Mac/PC Support Engineer –Mac OSX, ...

Senior MAC software engineer opportunity - Objective C - 35 000

Based in the Northwest, this leading systems supplier is the leader in the global market and due to continued expansion require an extra engineer ...

Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.

JD Edwards Spotlight Video

CEO Dashboard Management: Why Creating Visual Reports You Can't Hide From Will Help...

Virtual Private Servers (VPS)

Looking for a fast payback? 10 Minutes with Free Tool Can Save Thousands

Martin Brokers cashes in on back-up swap

VocaLink makes virtualisation pay

Sony Pictures sets sights on best IT Oscar

Co-op Group kicks "server sprawl" into touch

Arts Council gets tech troubleshooting boost

Torex tech treats Thorntons to quicker sales

Stories from the web...


eBay app lets users bid from a BlackBerry

ID card database: 500 names added in first month

Women in IT: Tech has an image problem

Tesco Mobile to get a taste of Apple's iPhone

Marketing chiefs: Are you spamming your customers?

IT skills shortage squashed by recession?




Quick Sitemap Links: