Title buffer overflow in Safari 3.0.2 for Windows

A recently patched browser from Apple springs another leak.

Following last Friday's release of Safari 3.0.2 comes a brand-new Monday morning vulnerability. Researcher E. Azizov of ITdefence in Russia posted on the Bugtraq newsgroup a demonstration of a buffer overflow in the Windows XP version of Apple's browser. Specifically, the new vulnerability affects the title buffer in Safari bookmarks. If the title of a page you wish to bookmark in Safari 3.0.2 exceeds 1,024 bytes, as soon as you save the bookmark (Ctrl+D) your computer may become compromised.

Featured Video

Apple dethroned as world's most highly valued company

An old foe with a new name took the title away from Cupertino. Also, Yahoo's looking at yet another big shake-up.

by Iyaz Akhtar