Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security US-CERT-Alerts
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

US-CERT Cyber Security Alert SA06-053A -- Apple Mac OS X Safari Command

from [US-CERT Alerts] Network Security [Permanent Link]
Subject: US-CERT Cyber Security Alert SA06-053A -- Apple Mac OS X Safari Command Execution Vulnerability
Date: Wed, 22 Feb 2006 16:09:24 -0500 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


                     National Cyber Alert System

                   Cyber Security Alert SA06-053A


Apple Mac OS X Safari Command Execution Vulnerability

   Original release date: February 22, 2006
   Last revised: --
   Source: US-CERT


Systems Affected

     * Apple Safari running on Mac OS X


Overview

     A vulnerability in the Apple Safari web browser could allow an
     attacker to place and run malicious code on your computer.


Solution

     Turn off "Open safe files after downloading" feature

     To turn off "Open safe files after downloading" feature in Safari,
     first choose "Preferences" from the Safari menu. Next, uncheck the
     option "Open 'safe' files after downloading."

     More information about this solution is available in the document
     "Securing Your Web Browser."


Description

     Apple Safari is a web browser that comes with Apple Mac OS X.
     Safari contains a vulnerability that could allow an attacker to run
     malicious programs on your computer.

     For more technical information, see US-CERT Technical Alert
     TA06-053A.


References

     * US-CERT Vulnerability Note VU#999708 -
       <http://www.kb.cert.org/vuls/id/999708>

     * Securing Your Web Browser -
       <http://www.us-cert.gov/reading_room/securing_browser/#sgeneral>

     * US-CERT Technical Cyber Security Alert TA06-053A -
       <http://www.us-cert.gov/cas/techalerts/TA06-053A.html>

 
 ____________________________________________________________________

   The most recent version of this document can be found at:

     <http://www.us-cert.gov/cas/alerts/SA06-053A.html>
 ____________________________________________________________________

   Feedback can be directed to US-CERT. Please send email to
   <cert@cert.org> with "SA06-053A Feedback VU#999708" in the subject.
 ____________________________________________________________________

   Mailing list information:

     <http://www.us-cert.gov/cas/>
 ____________________________________________________________________

   Produced 2006 by US-CERT, a government organization.

   Terms of use:

     <http://www.us-cert.gov/legal.html>
 ____________________________________________________________________


Revision History

   February 22, 2006: Initial release


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBQ/y6t30pj593lg50AQLdIwgAiNf+I9L6TpXuM2MBTVs7p7NhsrsCFpuq
iMjchi8wFWth1LLKmMiuift4FV/OsUwvn6rI8gERI1Ll/36Z45qAuN0lRs0e3z2x
+M3ph21sb1oscacQYuri53lpYphNEwzZuIYiwoJlptnkKRzbqkwOIff5hnJu2XTI
pkyUuhfJlP1WxhSpWenVKt2ihgHs+vg5jqlVgy5HhyApABZWNDCEG2CPJQ0rMPjJ
lXPrwYr6XYtd4Om1Zq7MBtESAcHJpVXxbljTDTpKagic/xnjOmVpp4mmR71Lgpok
0sDGCjG9mb7Gin5OA56IS2x+5IjxmibZuQHDbkJUxP9eTjTXYSpp8g==
=qgI/
-----END PGP SIGNATURE-----
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • US-CERT Cyber Security Alert SA06-053A -- Apple Mac OS X Safari Command Execution Vulnerability, US-CERT Alerts <=
Previous by Date:  US-CERT Cyber Security Alert SA06-045A -- Microsoft Windows, Windows Media Player, and Internet Explorer Vulnerabilities, US-CERT Alerts
Previous by Thread:  US-CERT Cyber Security Alert SA06-045A -- Microsoft Windows, Windows Media Player, and Internet Explorer Vulnerabilities, US-CERT Alerts
Indexes:  [Date] [Thread] [Top] [All Lists]