/?pid=apple-fixes-vulnerability-in-safari-on-billions-of-devices-15492

Updated:02:00 AM EDT May 14
this is ggmania.com subsite

NEWS
rss feed 
 
top 100
archive
ARTICLES
CD/DVD tools
Free Antivir
Security
Drivers
Utilities
FORUMS
LINKS


(C) 2006-2025 TechAmok Independent
All Rights Reserved.


 
 Apple Fixes Vulnerability In Safari On Billions of Devices - TechAmok

Apple Fixes Vulnerability In Safari On Billions of Devices - [security]
03:53 AM EDT - Apr,17 2015 - post a comment

When Apple pushed out its most recent round of patches last week it fixed a cookie vulnerability that existed in all versions of Safari, including those that run on iOS, OS X, and Windows. According to researchers who dug it up, the number of affected devices may total one billion.
The issue - present in Webkit - is technically a cross-domain vulnerability, meaning that an attacker could rig web content to bypass some of the normal cross-domain restrictions when a user views it. The attacker could then use that access to modify HTTP cookies on a website.

The problem, according to the researcher who found the issue, Jouko Pynnonen of the Finnish firm Klikki Oy, lies in the way that Safari previously handled its FTP URL scheme. Klikki Oy, which has found a handful of other bugs over the last several months, including a critical XSS vulnerability in WordPress, notified Apple of the bug on January 27.

The browser allows HTML documents to be accessed via URLs beginning with ftp:// - like ftp://user:password. This can be an issue when encoded characters are used in place of the password however, according to Pynnönen, who says that in some cases the URL could be misinterpreted to come from an attacker's site and not the target site.

Short overview of recent news articles

NVIDIA GeForce Game Ready 576.40 WHQL Driver Released (May,14 2025 )

F1 - Official Trailer #2 (2025) Brad Pitt, Damson Idris, Kerry (May,13 2025 )

The Old Guard 2 - Official Trailer (2025) Charlize Theron, KiKi (May,11 2025 )

I think I know why Ryzen 9000 Series CPUs are Dying...(!) (May,11 2025 )

Is Windows Defender good enough in 2025? (May,10 2025 )

AMD Adrenalin 25.5.1 Driver Released for Doom: The Dark Ages (May,09 2025 )

Ripple SEC Grip OVER, XRP Freedom of USE, Market MODE BULL RUN (May,09 2025 )

"Is x86 Actually Screwed?" ft. Wendell of Level1 Techs - (May,08 2025 )

Android's New Design Guidelines Leaked (May,07 2025 )

Grand Theft Auto VI trailer #2 (May,06 2025 )

Microsoft's Dirty Secret: Your Old PC is Now Trash! (May,05 2025 )

No Noise Cancelling? GOOD. Unboxing the nwm One Headphones & First (May,04 2025 )

NEW! 2025 Audi S5 (367hp) | 0-258 km/h acceleration (May,04 2025 )

Bugatti Bolide vs Nurburgring. 1825 HorsePower Insanity (May,02 2025 )

This will be the largest tech Yard Sale EVER! Insanely low prices on (May,01 2025 )

Skoda Kodiaq RS 245 // 0-100 100-200 TOP SPEED POV & SOUND (May,01 2025 )

Disable or Uninstall Windows Recall to Protect Your Data Privacy (May,01 2025 )

A new Alternative to Nextcloud? OpenCloud presented and local (May,01 2025 )

NVIDIA GeForce Hotfix Driver 576.26 Available (Apr,29 2025 )

2025 Porsche 911 992.2 GTS T HYBRID | SOUND 0-100 100-200 200-300 & (Apr,28 2025 )

We Made Perfect Thermal Paste in a Factory, ft. Der8auer | Made In (Apr,28 2025 )

Cyber Security Company CEO Arrested for Installing Malware on (Apr,28 2025 )

This Kid Made his Own Laptop and it's AMAZING! (Apr,27 2025 )

How is this SO CHEAP? - Ubiquiti Cloud Gateway Fiber (Apr,26 2025 )

Ripple president on stablecoins, Trump and tokenization (Apr,26 2025 )

T-Mobile Launches 5G Advanced (Apr,26 2025 )

540HP BMW E46 M3 5.0 V10 // 300KMH REVIEW on AUTOBAHN (Apr,25 2025 )

Has Nvidia Given Up? (Apr,25 2025 )

AMD Software Adrenalin 25.4.1 Beta Drivers Released (Apr,23 2025 )

Stop Paying for Cloud Storage: How I Built My Own Photo Backup (Apr,23 2025 )

Wednesday: Season 2 - Official Teaser Trailer (Apr,23 2025 )

Everything You Need To Know About Windows 10 LTSC (Apr,23 2025 )

Do NOT use Distilled Water for your Water Cooling Loop! (Apr,22 2025 )

Intel Improves 285K Performance with a Big Update (Apr,22 2025 )

FERRARI 812 GTS // REVIEW on AUTOBAHN (Apr,20 2025 )

Meta Disables Apple Intelligence in Facebook and Other Apps (Apr,19 2025 )

Change these Windows Settings for a smarter PC (Apr,19 2025 )

How a malware pdf hacked 4chan (Apr,19 2025 )

2025 BMW 3 Series G20 330e LCI II // TOP SPEED REVIEW on AUTOBAHN (Apr,18 2025 )

Samsung Just Released a Powerful Update - Millions of Phones Getting (Apr,17 2025 )

NVIDIA GeForce Game Ready 576.02 WHQL Drivers (Apr,17 2025 )

I Can't Review GPUs that Don't Exist... RTX 5060 and 5060 Ti (Apr,16 2025 )

This Desktop Motherboard Has a 16-Core Laptop CPU Built-In (Apr,15 2025 )

Hidden Windows Features You Should Be Using in 2025! (Apr,14 2025 )

Leo Says Ep. 80: Ryzen AI Max Looked Great at CES...So Why Did I Buy (Apr,14 2025 )

Microsoft finally removes a six-month old Windows 11 24H2 update (Apr,13 2025 )

Coil Whine Phenomenon on Water-Cooled RTX 5090 Frostbite (Apr,13 2025 )

Why I NEVER Sign In to Windows with a Microsoft Account! (Apr,13 2025 )

How good is Windows Defender in 2025? (Apr,12 2025 )

Big Change Coming To Windows 11 Start Menu (Apr,11 2025 )

>> News Archive <<

TechAmok - Privacy Policy        loading time:0.01secs