Serious flaw discovered for Apple Safari Web Browser
Written by Editor   
Tuesday, 21 February 2006 09:30
A German security researcher, Michael Lehn, has discovered a flaw in the downloaded file handling within Apple's Safari web browser that can allow a file to be executed as it is downloaded, without interaction from the user. The flaw is due to a feature that is activated by default in Safari, known as Open Safe Files after downloading. Zip files are considered safe, so they are opened automatically. Subsequently, a shell script with no #! at the beginning of the script will be executed automatically by the Terminal application, all with no user interaction!

Should a script within the Zip file be given an extension such as .jpg or .mov, meta information will be added to the file when it is downloaded that associates the file with the Terminal application. This meta information instructs Finder to always open the file with the Terminal application, regardless of the file's extension.

More information is available from Lehn's site here (in German) or from heise.de here (in English). A proof of concept is available from the discoverer here.
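As an added example (not part of the original article and not Lehn's proof of concept), a defender can triage a downloaded Zip archive before opening it by flagging members whose .jpg or .mov extension does not match their content, especially plain text with no #! line. The function names, the magic-byte table and the sample archive are assumptions constructed for this sketch.

```python
import io
import os
import zipfile

# Leading bytes expected for the two extensions the article names.
# QuickTime files carry a four-byte atom type at offset 4, not offset 0.
MAGIC = {
    ".jpg": lambda b: b.startswith(b"\xff\xd8\xff"),
    ".mov": lambda b: b[4:8] in (b"ftyp", b"moov", b"mdat", b"free", b"wide", b"skip"),
}

def looks_like_text(data):
    """Heuristic: non-empty and made only of printable ASCII and whitespace."""
    return bool(data) and all(c in b"\t\n\r" or 32 <= c < 127 for c in data)

def triage_zip(fileobj):
    """Return (member name, reason) pairs for members that need a manual look."""
    findings = []
    with zipfile.ZipFile(fileobj) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            name = info.filename
            with zf.open(info) as fh:
                head = fh.read(512)
            ext = os.path.splitext(name)[1].lower()
            check = MAGIC.get(ext)
            if check and not check(head):
                reason = "extension does not match content"
                if looks_like_text(head) and not head.startswith(b"#!"):
                    reason = "text without #! behind a media extension"
                findings.append((name, reason))
    return findings

def build_sample():
    """Constructed in-memory archive: one real JPEG header, one disguised text file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("photo.jpg", b"\xff\xd8\xff\xe0" + b"\x00" * 16)
        zf.writestr("holiday.jpg", b"echo constructed sample\n")
        zf.writestr("readme.txt", b"plain notes\n")
    buf.seek(0)
    return buf

if __name__ == "__main__":
    for name, reason in triage_zip(build_sample()):
        print(f"{name}: {reason}")
```

The check reads only the first 512 bytes of each member, so it is a cheap pre-filter and not a substitute for inspecting the file metadata the article describes.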

Last Updated ( Thursday, 14 September 2006 22:00 )