toggle

AAPL Stock: 446.01 ( + 6.35 )

http://www.macnn.com/articles/05/12/22/safari.security.flaw/

Security issue in Apple's Safari?

updated 10:35 am EST, Thu December 22, 2005

 

Safari security flaw


An alleged security issue in Mac OS X that could allow users to attack any Mac system with the software installed. [updated 12:05 pm ET]

Update: One MacNN reader, however, says that the flaw is no more than a bug: "It is a crashing bug, but certaily does not look line a security issue in any way, shape or form. A better way to write it would be: 'A maliciously constructed web page giving a preposterous rowspan in a table can cause the KHTML parser to crash.'" The reader says that a maliciously crafted HTML page would cause a large enough array to crash the application ("in true Unix fashion"), however, it is unclear if--or how--it could allow execution of arbitrary code."


by MacNN Staff

Post tools:

TAGS :

 troubleshooting

Related Articles

Recent Articles

toggle

Comments

  1. Horsepoo!!!

    Banned

    Joined: Jun 2003

    0
    12/22, 11:24am | report spam | Reply |

    This one was fixed...

    This one was fixed not long ago in the nightlies...if I'm not mistaken. I'm guessing it was an easy fix.

  1. Deal

    Mac Enthusiast

    Joined: Apr 2001

    0
    12/22, 11:25am | report spam | Reply |

    In other words...

    The Mac is safer without third party virus protection ;)

  1. ebow

    Fresh-Faced Recruit

    Joined: Oct 2001

    0
    12/22, 11:45am | report spam | Reply |

    Nightlies?

    What nightlies are you talking about? Safari has 'em? This isn't some SourceForge project we're talking about here...

  1. sapridyne

    Fresh-Faced Recruit

    Joined: Jun 2003

    0
    12/22, 11:56am | report spam | Reply |

    Google it

    Google is your best friend, ebow.

    apple safari nightly

    -Sapridyne

  1. ebow

    Fresh-Faced Recruit

    Joined: Oct 2001

    0
    12/22, 12:02pm | report spam | Reply |

    Of coource

    I knew that, I knew that... Just, er, testing you. http://nightly.webkit.org/builds/

  1. sdf

    Fresh-Faced Recruit

    Joined: Aug 2004

    0
    12/22, 12:17pm | report spam | Reply |

    Interesting

    If it is already fixed in the nightlies, it was probably "discovered" by someone watching the WebKit-Dev list where a crasher was discussed recently.

    If this is the same flaw, I find it terribly funny that someone rushed out to get "credit" for it.

  1. Feathers

    Grizzled Veteran

    Joined: Oct 1999

    0
    12/22, 01:06pm | report spam | Reply |

    True MacNN

    Well, MacNN never lets the facts get in the way of a good (or old) story! Sigh!

  1. testudo

    Forum Regular

    Joined: Aug 2001

    0
    12/22, 02:07pm | report spam | Reply |

    Re: interesting

    If it is already fixed in the nightlies, it was probably "discovered" by someone watching the WebKit-Dev list where a crasher was discussed recently.

    If this is the same flaw, I find it terribly funny that someone rushed out to get "credit" for it.

    Why is it 'funny'. It isn't important to tell people of a possible security flaw, just because its been fixed in a set of code only few people get? I guess we should find it funny for any Windows XP flaws that were fixed in the Vista software, because, h***, its basically fixed!

    Oh, and just because they're in the nightlies doesn't mean that they'll be in the next release of 10.4. It may take months to see a fix, if one is ever released. (Hard to say with Apple, since they're response to security is usually a mumbled "Hey, we've fixed some bugs" followed by a "What? 10.3? We might make a fix for it, but don't hold your breath").

  1. nitram_again

    Fresh-Faced Recruit

    Joined: Nov 2001

    0
    12/22, 03:04pm | report spam | Reply |

    Geocities site

    I hit a link to take me to a Geocities site the other night. The damn thing crashed Safari repeatedly, screwed up the prefs and even turned off Cocoa Gestures. Never seen anything like it before. Hope I never see it again.

  1. sdf

    Fresh-Faced Recruit

    Joined: Aug 2004

    0
    12/22, 03:21pm | report spam | Reply |

    Yes, funny.

    With an update expected in only a few weeks, and the crash not a security flaw, I find it funny... yes, funny... that someone would run to the press with it, claim to have discovered it and claim it's a security flaw.

Login Here

Not a member of the MacNN forums? Register now for free.

 
close
Photo
toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

MaxUpgrades MaxConnect for 2006-2008 Mac Pro

Nobody outside of Cupertino's privileged bunch knows the future of the Mac Pro line for sure. Despite Apple's reluctance to tell us wh ...

Brother HL-3170CDW LED Printer

We've mentioned before that we are far from a paperless society. For now, at least, there are tasks that require a piece of paper for ...

HTC One

It is hard to overstate just how critically important the HTC One is to the Taiwanese company’s fortunes. Despite its alarming decline ...

toggle

Most Commented

 

Popular News