New info disclosure vuln in Safari reported
Ismael Valenzuela pointed us at Brian Mastenbrook's blog where he has published a new information disclosure vulnerability in Safari. The vuln potentially allows a malicious website to read files on the local system.
The vulnerability applies to
- anyone running OS.X 10.5 who have left the system default setting for the RSS feed reader. Which browser you use is irrelevant.
- Windows users of Safari
According to Brian, Apple hasn't responded to this yet though he claims to have contacted them.
0 comment(s)