toggle

AAPL Stock: 112.65 ( + 3.24 )

Printed from http://www.macnn.com

Security issue in Apple\'s Safari?

updated 10:35 am EST, Thu December 22, 2005

Safari security flaw

An alleged security issue in Mac OS X that could allow users to attack any Mac system with the software installed. [updated 12:05 pm ET]

Update: One MacNN reader, however, says that the flaw is no more than a bug: "It is a crashing bug, but certaily does not look line a security issue in any way, shape or form. A better way to write it would be: 'A maliciously constructed web page giving a preposterous rowspan in a table can cause the KHTML parser to crash.'" The reader says that a maliciously crafted HTML page would cause a large enough array to crash the application ("in true Unix fashion"), however, it is unclear if--or how--it could allow execution of arbitrary code."




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. Horsepoo!!!

    Joined: Dec 1969

    0

    This one was fixed...

    This one was fixed not long ago in the nightlies...if I'm not mistaken. I'm guessing it was an easy fix.

  1. Deal

    Joined: Dec 1969

    0

    In other words...

    The Mac is safer without third party virus protection ;)

  1. ebow

    Joined: Dec 1969

    0

    Nightlies?

    What nightlies are you talking about? Safari has 'em? This isn't some SourceForge project we're talking about here...

  1. sapridyne

    Joined: Dec 1969

    0

    Google it

    Google is your best friend, ebow.

    apple safari nightly

    -Sapridyne

  1. ebow

    Joined: Dec 1969

    0

    Of coource

    I knew that, I knew that... Just, er, testing you. http://nightly.webkit.org/builds/

  1. sdf

    Joined: Dec 1969

    0

    Interesting

    If it is already fixed in the nightlies, it was probably "discovered" by someone watching the WebKit-Dev list where a crasher was discussed recently.

    If this is the same flaw, I find it terribly funny that someone rushed out to get "credit" for it.

  1. Feathers

    Joined: Dec 1969

    0

    True MacNN

    Well, MacNN never lets the facts get in the way of a good (or old) story! Sigh!

  1. testudo

    Joined: Dec 1969

    0

    Re: interesting

    If it is already fixed in the nightlies, it was probably "discovered" by someone watching the WebKit-Dev list where a crasher was discussed recently.

    If this is the same flaw, I find it terribly funny that someone rushed out to get "credit" for it.


    Why is it 'funny'. It isn't important to tell people of a possible security flaw, just because its been fixed in a set of code only few people get? I guess we should find it funny for any Windows XP flaws that were fixed in the Vista software, because, h***, its basically fixed!

    Oh, and just because they're in the nightlies doesn't mean that they'll be in the next release of 10.4. It may take months to see a fix, if one is ever released. (Hard to say with Apple, since they're response to security is usually a mumbled "Hey, we've fixed some bugs" followed by a "What? 10.3? We might make a fix for it, but don't hold your breath").

  1. nitram_again

    Joined: Dec 1969

    0

    Geocities site

    I hit a link to take me to a Geocities site the other night. The damn thing crashed Safari repeatedly, screwed up the prefs and even turned off Cocoa Gestures. Never seen anything like it before. Hope I never see it again.

  1. sdf

    Joined: Dec 1969

    0

    Yes, funny.

    With an update expected in only a few weeks, and the crash not a security flaw, I find it funny... yes, funny... that someone would run to the press with it, claim to have discovered it and claim it's a security flaw.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Dell AD211 Bluetooth speaker

For all of the high-priced, over-engineered Bluetooth speakers in the electronics market, there is still room for mass-market solution ...

VisionTek 128GB USB Pocket SSD

USB flash drives dealt the death blow to both the floppy and Zip drives. While still faster than either of the old removable media, sp ...

Kodak PixPro SL10 Smart Lens Camera

Smartphone imagery still widely varies. Large Megapixel counts don't make for a good image, and the optics in some devices are lackin ...

toggle

Most Commented