Apple Safari Safe File Type Bypass Variation

2006-03-10T17:47:38
ID OSVDB:23869
Type osvdb
Reporter Andris Baumberger(), Will Dormann()
Modified 2006-03-10T17:47:38

Description

Vulnerability Description

Safari contains a flaw that may allow a malicious application to appear as a safe file type. It is possible that the flaw may allow a malicious file to be executed automatically when a user visits a malicious web site resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Apple Computer, Inc. has released a patch to address this vulnerability.

Short Description

Safari contains a flaw that may allow a malicious application to appear as a safe file type. It is possible that the flaw may allow a malicious file to be executed automatically when a user visits a malicious web site resulting in a loss of integrity.

References:

Vendor Specific Advisory URL Security Tracker: 1015760 Secunia Advisory ID:19129 Related OSVDB ID: 23871 Related OSVDB ID: 23872 Related OSVDB ID: 23870 Related OSVDB ID: 23873 News Article: http://www.macnn.com/articles/06/03/13/security.update.2006.002/ Keyword: Security Update 2006-002 FrSIRT Advisory: ADV-2006-0949 CVE-2006-0397