Re: [Full-disclosure] Apple Safari for Windows feed:// URL Denial of Service Vulnerability



I spent about 2 minutes until I found this.

Worse then Windows Me and Microsoft Bob?! Now you're just being mean :-)

cardoso wrote:
Are you sure it's wise to waste resources poking Safari/Windows in
search of flaws?

The thing DOS itself, my machine (vista home premium, braz. portuguese
edition) can't run Safari for more than a few minutes, less, if I try do
actually open a website.

I'm an Apple fanboy, proud owner of a Macbook, but I think this
abomination is the worst piece of software I ever installed, including
Windows Me and Microsoft Bob.


On Wed, 13 Jun 2007 03:42:02 +0300
Trancer <mtrancer@xxxxxxxxx> wrote:


Apple Safari for Windows feed:// URL Denial of Service Vulnerability

Versions: Apple Safari For Windows 3 Beta

Apple Safari for Windows is prone to a denial-of-service vulnerability
because it fails to properly handle crafted feed:// link.

Proof-of-Concept: .
Link: feed://%
Exploit: <a href="feed://%">DoS</a>
Yes, this will crash Safari. Yes, it's that easy.
Note that this doesn't work with http://, ftp://, gopher:// and etc'.

Reference:
http://www.rec-sec.co.il/2007/06/12/apple-safari-for-windows-vulnerabilities/#exp

Credit:
Moshe Ben-Abu of BugSec is credited with discovering this vulnerability.

Vendor has been notified.

--
Moshe Ben-Abu :: Trancer
0nly Human...

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


-------------------------------------------------------------
Carlos Cardoso
http://www.carloscardoso.com <== blog semi-pessoal
http://www.contraditorium.com <== ProBlogging e cultura digital

"You lost today, kid. But that doesn't mean you have to like it"

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/




--
Moshe :: Trancer
0nly Human...

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



Relevant Pages

  • Re: E-Mail Server Anti-Virus
    ... Microsoft Bob requires Windows 95. ... disappointed that the Trend Security Center didn't catch anything. ... it must be configured correctly to ignore all exchange ...
    (microsoft.public.exchange.admin)
  • [Full-disclosure] Apple Safari for Windows feed:// URL Denial of Service Vulnerability
    ... Apple Safari for Windows feed:// URL Denial of Service Vulnerability ... Moshe Ben-Abu of BugSec is credited with discovering this vulnerability. ...
    (Full-Disclosure)
  • Re: Microsoft extends XP downgrade rights date by six months
    ... Since then they produced, Window 2000 Pro, Windows ... it comes with the XP recovery discs (as well as Vista). ... It's not a life threatening situation, it's worse when banks, oil cartels engage ... And, next to Windows Me and Microsoft Bob, one of the worst decisions Microsoft ...
    (microsoft.public.windows.vista.general)
  • Re: PPC C++ Book or tutorial.
    ... For Mr. Cardoso: ... If you're targeting Windows Mobile 5 or 6 then you'll have to stick with Visual Studio 2005, but Boling's book still probably provides more than half of what you need. ... but implementation extensions are implementation specific. ... Shoud I stick with VS2005 or shoud I try eMbedded Visual C++? ...
    (microsoft.public.pocketpc.developer)
  • Re: Longhorn slips again
    ... Microsoft Bob is the excuse for Windows ME...why make just one horrible ... mistake... ...
    (microsoft.public.cert.exam.mcse)