Highly critical vulnerability found in Apple Safari for Windows

Secunia published a new vulnerability affecting Apple’s desktop Safari browser version 4.0.5 for Windows. The new exploit can be used by malicious users to execute arbitrary code on the system and is deemed to be “highly critical”. “The security issue can lead to exposure of sensitive information and the vulnerability can be exploited by malicious […]

Secunia published a new vulnerability affecting Apple’s desktop Safari browser version 4.0.5 for Windows. The new exploit can be used by malicious users to execute arbitrary code on the system and is deemed to be “highly critical”. “The security issue can lead to exposure of sensitive information and the vulnerability can be exploited by malicious people to compromise a user's system. 1. An error in handling of parent windows can result in a function call using an invalid pointer. This can be exploited to execute arbitrary code when a user e.g. visits a specially crafted web page and closes opened pop-up windows. 2. security issue is caused due to Safari including HTTP basic authentication credentials in an HTTP request if a web page that requires HTTP basic authentication redirects to a different domain (e.g. via a "Location" header),” revealed Secunia. Do not visit untrusted web sites or follow links from untrusted sources. Do not authenticate to sites that use HTTP basic authentication and use redirections to different domains.

[Source]