toggle

AAPL Stock: 102.99 ( + 0.52 )

Printed from http://www.macnn.com

Security issue in Apple\'s Safari?

updated 10:35 am EST, Thu December 22, 2005

Safari security flaw

An alleged security issue in Mac OS X that could allow users to attack any Mac system with the software installed. [updated 12:05 pm ET]

Update: One MacNN reader, however, says that the flaw is no more than a bug: "It is a crashing bug, but certaily does not look line a security issue in any way, shape or form. A better way to write it would be: 'A maliciously constructed web page giving a preposterous rowspan in a table can cause the KHTML parser to crash.'" The reader says that a maliciously crafted HTML page would cause a large enough array to crash the application ("in true Unix fashion"), however, it is unclear if--or how--it could allow execution of arbitrary code."




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. Horsepoo!!!

    Joined: Dec 1969

    0

    This one was fixed...

    This one was fixed not long ago in the nightlies...if I'm not mistaken. I'm guessing it was an easy fix.

  1. Deal

    Joined: Dec 1969

    0

    In other words...

    The Mac is safer without third party virus protection ;)

  1. ebow

    Joined: Dec 1969

    0

    Nightlies?

    What nightlies are you talking about? Safari has 'em? This isn't some SourceForge project we're talking about here...

  1. sapridyne

    Joined: Dec 1969

    0

    Google it

    Google is your best friend, ebow.

    apple safari nightly

    -Sapridyne

  1. ebow

    Joined: Dec 1969

    0

    Of coource

    I knew that, I knew that... Just, er, testing you. http://nightly.webkit.org/builds/

  1. sdf

    Joined: Dec 1969

    0

    Interesting

    If it is already fixed in the nightlies, it was probably "discovered" by someone watching the WebKit-Dev list where a crasher was discussed recently.

    If this is the same flaw, I find it terribly funny that someone rushed out to get "credit" for it.

  1. Feathers

    Joined: Dec 1969

    0

    True MacNN

    Well, MacNN never lets the facts get in the way of a good (or old) story! Sigh!

  1. testudo

    Joined: Dec 1969

    0

    Re: interesting

    If it is already fixed in the nightlies, it was probably "discovered" by someone watching the WebKit-Dev list where a crasher was discussed recently.

    If this is the same flaw, I find it terribly funny that someone rushed out to get "credit" for it.


    Why is it 'funny'. It isn't important to tell people of a possible security flaw, just because its been fixed in a set of code only few people get? I guess we should find it funny for any Windows XP flaws that were fixed in the Vista software, because, h***, its basically fixed!

    Oh, and just because they're in the nightlies doesn't mean that they'll be in the next release of 10.4. It may take months to see a fix, if one is ever released. (Hard to say with Apple, since they're response to security is usually a mumbled "Hey, we've fixed some bugs" followed by a "What? 10.3? We might make a fix for it, but don't hold your breath").

  1. nitram_again

    Joined: Dec 1969

    0

    Geocities site

    I hit a link to take me to a Geocities site the other night. The damn thing crashed Safari repeatedly, screwed up the prefs and even turned off Cocoa Gestures. Never seen anything like it before. Hope I never see it again.

  1. sdf

    Joined: Dec 1969

    0

    Yes, funny.

    With an update expected in only a few weeks, and the crash not a security flaw, I find it funny... yes, funny... that someone would run to the press with it, claim to have discovered it and claim it's a security flaw.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Kenu Airframe Plus

Simple, stylish and effective, the Kenu Airframe + portable car mount is the latest addition to Kenu's lineup. Released earlier this ...

Plantronics Rig Surround 7.1 headset

Trying to capture the true soundscape of video games can be a daunting task. Looking to surround-sound home theater options, users hav ...

Adesso Compagno X Bluetooth keyboard

The shift from typing on physical keyboards to digital versions on smartphones and tablets hasn't been an easy for many consumers. Fr ...

toggle

Most Commented