Title buffer overflow in Safari 3.0.2 for Windows

A recently patched browser from Apple springs another leak.

Following last Friday's release of Safari 3.0.2 comes a brand-new Monday morning vulnerability. Researcher E. Azizov of ITdefence in Russia posted on the Bugtraq newsgroup a demonstration of a buffer overflow in the Windows XP version of Apple's browser. Specifically, the new vulnerability affects the title buffer in Safari bookmarks. If the title of a page you wish to bookmark in Safari 3.0.2 exceeds 1,024 bytes, as soon as you save the bookmark (Ctrl+D) your computer may become compromised.

Featured Video
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

Microsoft leaves Apple in the dust with tablet and laptop innovation in 2015

Will there be one Apple Ring to rule them all? That's what a patent application says. Plus, building the thinnest gadget isn't innovation anymore and Apple just got a reality check from Microsoft.

by Brian Tong