Slashdot Mirror

← Back to Stories (view on slashdot.org)

Safari Falls Victim to Remote Code Exploit

Posted by pudge on Monday May 17, 2004 @05:36AM from the the-most-important-thing-is-to-tell-people-how-to-use-the-exploit dept.

A user writes, "A new vulnerability has been found in Mac OS X's Safari, which will launch Help.app and run an arbitrary script with a URL like 'help:runscript=...', assuming a known path (which is possible when Safari is set to automount disk images (which is the default)). A nice working demonstration is available on insecure.ws while the incident has been reported on Full-Disclosure."

1 of 197 comments (clear)

Min score:

Reason:

Sort:

Re:Pudge, you got it WRONG! More serious than this by theolein · 2004-05-17 08:41 · Score: 0, Troll

You didn't make anything clear, pudge. The impression you gave me is that you prefer Apple's reputation over mac user's security. And that is why I am as mad as hell.