As we mentioned last night about the Apple Security Update, there is also an update for Safari 3 Beta. Go here to get the newest version. CVE-ID: CVE-2007-5858 Impact: Visiting a malicious website may result in the disclosure of sensitive information Description: WebKit allows a page to navigate the subframes of any other page. Visiting a maliciously crafted web page could trigger a cross-site scripting attack, which may lead to the disclosure of sensitive information. This update addresses the issue by implementing a stricter frame navigation policy. (This issue is addressed for Mac OS X in Security Update 2007-009.) (This is only for Windows XP and Windows Vista users, for Mac users this isn't an issue since it's rolled up in 2007-009) Joel Esler |
Joel 454 Posts ISC Handler |
Subscribe |
Dec 18th 2007 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!