Posted in ISC on January 13th, 2009 by ISC Handler
Ismael Valenzuela pointed us at Brian Mastenbrook's blog where he has published a new information disclosure vulnerability in Safari. The vuln potentially allows a malicious websiteto read files on the local system.
The vulnerability applies to
anyone running OS.X 10.5 who have left the system default setting for the RSS feed reader. Which browser youuse is irrelevant.
Windows users of Safari
According to Brian, Apple hasn't responded to this yet though he claims to have contacted them.
Tags: News
