Posted by Trancer on Feb 25 2009

Got a deja vu feeling…
In June 2007 Apple released a Windows version of the Safari web browser. Back then it was the first version of this browser for Windows (3.0.0), and hackers and security researchers were all over it, publishing vulnerabilities at the rate of a machine gun. Apple had to release two collective security patches for Safari within ten days.

Today, Apple released the first beta of Safari 4 (528.16) and I won’t be surprised to see tons of new vulnerabilities published in the next few weeks.
So why do I have a deja vu feeling? I just found a NULL pointer dereference bug in the new Safari, just like the previous one I’ve found.
The vulnerabilities are almost the same, only the last one was with the feed: URI and the new one is with feeds: with a few tweaks.
Check it out:
Apple Safari 4 feeds: URI NULL Pointer Dereference Denial of Service Vulnerability

Also on:
BID 33909

This post will be updated with further vulnerabilities as they arise.

Categories: Vulnerabilities


Posted by Trancer on Feb 24 2009

Here’s a proof-of-concept exploit for the Microsoft Internet Explorer Object Clone Deletion Memory Corruption vulnerability in case you don’t use the Metasploit Framework and still want to test it.

Like the Metasploit module I wrote for it, it has been tested successfully on Windows XP SP3, Windows Vista SP1 and Windows Server 2003 SP2 (no 961260 patch).
Update: also tested successfully on Windows Server 2008 with no DEP (OptOut – iexplorer.exe).

Download ms09-002.html.

Enjoy it.

Categories: Exploits


Posted by Trancer on Feb 20 2009

Just finished writing a quick Metasploit exploit module for the Microsoft Internet Explorer Object Clone Deletion Memory Corruption vulnerability.

Tested successfully on Windows XP SP3, Windows Vista SP1 and Windows Server 2003 SP2 (without patch 961260 of course).
Update: also tested successfully on Windows Server 2008 with no DEP (OptOut – iexplorer.exe).

Download ms09_002_object_delete.rb.

Was a fun one to play with ^_^

References:
MS09-002
CVE-2009-0075
BID 33627
OSVDB 51839
ZDI-09-011

Categories: Exploits, Metasploit

