Full Disclosure mailing list archives
Re: Safari for Windows, 0day URL protocol handler command injection
From: "Larry Seltzer" <Larry () larryseltzer com>
Date: Tue, 12 Jun 2007 09:19:54 -0400
Apple released version 3 of their popular Safari web browser today,
with the added twist of offering both an OS X and a Windows version. Given that Apple has had a lousy track record with security on OS X, in addition to a hostile attitude towards security researchers, a lot of people are expecting to see quite a number of vulnerabilities targeted towards this new Windows browser. Joe Wilcox here at eWEEK is speculating, as are others, that Apple could start bundling Safari with the Windows iTunes software (http://www.microsoft-watch.com/content/web_services_browser/do_we_reall y_need_another_windows_browser.html). They have already done this with QuickTime. Safari could develop installed base quickly that way. Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blogs.eweek.com/cheap_hack/ Contributing Editor, PC Magazine larryseltzer () ziffdavis com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Safari for Windows, 0day URL protocol handler command injection Thor Larholm (Jun 12)
- Re: Safari for Windows, 0day URL protocol handler command injection Larry Seltzer (Jun 12)
- Re: Safari for Windows, 0day URL protocol handler command injection Andrew Redman (Jun 12)
- Re: Safari for Windows, Jeff Kell (Jun 12)
- Re: Safari for Windows, 0day URL protocol handler command injection Andrew Redman (Jun 12)
- Re: Safari for Windows, 0day URL protocol handler command injection Steven Adair (Jun 12)
- <Possible follow-ups>
- Re: Safari for Windows, 0day URL protocol handler command injection Jay (Jun 12)
- Re: Safari for Windows, 0day URL protocol handler command injection Larry Seltzer (Jun 12)