safari's saved password at risk

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: safari's saved password at risk
From: poplix@xxxxxxxxxxxx
Date: 4 May 2007 18:13:54 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

I'd like to inform you that safari is prone to a vunlerability that allow a 
local user to steal safari's saved passwords by using some macosx componenets. 
More infos about this issue will be made available as soon as apple will 
provide a fix. I strongly recommend users remove all safari's saved password 
from the keychain.

cheers,
-poplix
http://px.dynalias.org

Prev by Date: Re: sunshop v4 >> RFI
Next by Date: Re: iDefense Security Advisory 04.30.07: Cerulean Studios Trillian Multiple IRC Vulnerabilities
Previous by thread: RunCms <= 1.5.2 debug_show.php sql injection
Next by thread: NPDS <= 5.10 - Multiple SQL injections
Index(es):
- Date
- Thread