Existe uma falha considerada crítica no browser Safari, presente no sistema operativo Mac OS X da Apple, que pode permitir a execução de ataques remotos por parte de hackers.
Descrição do problema:
"LMH has reported a vulnerability in Mac OS X, which can potentially be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an integer overflow error in the "ffs_mountfs()" function when handling UFS filesystem disc images. This can be exploited to cause a heap-based buffer overflow via a specially crafted UFS DMG image.
Successful exploitation may allow the execution of arbitrary code.
NOTE: This is only remotely exploitable via the Safari web browser when the "opening safe files after downloading" option is enabled.
The vulnerability is reported in an updated Mac OS X 10.4.8. Other versions may also be affected."
Fonte: http://secunia.com
Como prevenção os utilizadores deste browser devem desactivar a opção "opening safe files after downloading" .
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment