Slashdot Mirror


Safari Falls Victim to Remote Code Exploit

A user writes, "A new vulnerability has been found in Mac OS X's Safari, which will launch Help.app and run an arbitrary script with a URL like 'help:runscript=...', assuming a known path (which is possible when Safari is set to automount disk images (which is the default)). A nice working demonstration is available on insecure.ws while the incident has been reported on Full-Disclosure."

4 of 197 comments

  1. All OS X browsers affected? by tetsuotheironman · Score: 5, Interesting

    This exploit also works in Camino as far as I can tell (although I didn't have it set to automount images) using a recent nightly build. I also tried it in IE and it was able to open Help.app without problems.

  2. Doesn't Work in 10.2.x by greenhide · Score: 4, Interesting

    I have not been able to recreate this exploit in OS X 10.2.8.

    Apparently, only versions 10.3.x are affected.

    --
    Karma: Chevy Kavalierma.
  3. OS X Mail also by stang7423 · Score: 5, Interesting

    I wonder if this is possible from OS X Mail also. Mail uses WebCore to render HTML and probably shares some settings. The downloading of the dmg is provoked by a meta tag, so unless Mail strips meta info from e-mail then this could affect Mail as well. That eventuality could potentially be a much larger issue than the current method of execution. Especially since Mail will render HTML and images unless the mail is marked junk.

  4. Re:Um, what privileges does it run at? by Llywelyn · Score: 3, Interesting

    You would have to specifically modify the system and, if you know enough to do that, then you get what is coming to you for modifying it.

    Seriously, this is kind of like saying "well, this exploit could erase someone's entire hard drive on a Linux system if they were running their web browser as root."

    Factually true but completely irrelevant.

    For the default install this is a problem, but try not to blow it out of proportion by inventing scenarios to make it more serious.

    --
    Integrate Keynote and LaTeX
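
The two markers named in the story summary and in comment 3 (a `help:` URL carrying `runscript`, and a meta tag that pulls down a disk image) can be flagged in HTML before it reaches a renderer. This is an added example, not code from the thread or from any poster; the meta-refresh form of the tag, the `.dmg` suffix test, the attribute list and the sample HTML are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

URL_ATTRS = {"href", "src", "action", "data"}  # attributes a renderer may follow
REFRESH_URL = re.compile(r"url\s*=\s*['\"]?([^'\"\s>]+)", re.I)

class SchemeScanner(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []  # (kind, location, url)

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "meta" and a.get("http-equiv", "").lower() == "refresh":
            m = REFRESH_URL.search(a.get("content", ""))
            if m:
                self._check(m.group(1), "meta-refresh")
        for name, value in a.items():
            if name in URL_ATTRS:
                self._check(value, f"{tag}[{name}]")

    def _check(self, url, where):
        # Drop whitespace/control characters that could split the scheme name.
        url = re.sub(r"[\x00-\x20]", "", url)
        try:
            parts = urlsplit(url)
        except ValueError:
            return
        rest = (parts.path + "?" + parts.query).lower()
        if parts.scheme == "help":
            kind = "help-runscript" if "runscript" in rest else "help-scheme"
            self.findings.append((kind, where, url))
        elif where == "meta-refresh" and parts.path.lower().endswith(".dmg"):
            # Page loads a disk image with no click: the automount precondition.
            self.findings.append(("dmg-auto-download", where, url))

def scan_html(html):
    """Return findings in document order for one HTML page or mail body."""
    scanner = SchemeScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings

# Constructed sample input, not taken from the demonstration page.
SAMPLE = """<html><head>
<meta http-equiv="refresh" content="0; url=http://example.invalid/sample.dmg">
</head><body><a href="HELP:runscript=PLACEHOLDER">docs</a>
<img src="logo.png"><a href="http://example.invalid/help/index.html">help</a>
</body></html>"""
```

Run over mail bodies as well as web pages, the same check covers the Mail case raised in comment 3.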