Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Apple Safari: cookie stealing
From: Michal Zalewski <lcamtuf () dione ids pl>
Date: Wed, 13 Jun 2007 16:46:59 +0200 (CEST)

On Wed, 13 Jun 2007, Robert Swiecki wrote:

The flaw exists in the javascript's window.setTimeout() implementation.

Forgive me the rant, but... all other recently reported problems aside,
seeing this, I can only ask - which rock did Safari developers hide under
for the past 8 years or so?

I mean... this is the type of a flaw you probably no longer even to test
for because it seems too obvious - 'ping -l 65510' of the browser world...


Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]