LinuxLinks.com
Newbies What Next ? News Forums Calendar

Search





News Sections
Home
General News (3972/0)
Reviews (626/0)
Press Releases (464/0)
Distributions (187/0)
Software (807/0)
Hardware (522/0)
Security (192/0)
Tutorials (337/0)
Off Topic (180/0)


User Functions
Username:

Password:

Don't have an account yet? Sign up as a New User


Events
There are no upcoming events



Developer Demonstrates Dashboard Exploit   
Tuesday, May 10 2005 @ 12:35 PM EDT
Contributed by: glosser

The first Mac OS X 10.4 hole has been discovered. Unfortunately, it's a rather ugly one.

A developer has demonstrated a Dashboard exploit in Mac OS X 10.4 Tiger that a malicious Web site owner could use to install widgets you might not want on your Mac.

Writing under the name of Stephan.com, the developer said that a combination of Apple's lack of documentation for removing widgets, Safari's download controls, and a widget feature all make it possible for the bad guys to use Dashboard to take you to any Web site of their choosing, hijacking Dashboard for their nefarious purposes.

At issue is a feature in Safari called "Open safe files" that is turned on by default. This feature allows your Mac to automatically open image files, PDFs, movies, disk images and other files considered safe when downloaded. Unfortunately, this also includes widget files downloaded, which are installed when opened.

Full story from MacNewsWorld

  [ Views: 1690 ]  


Developer Demonstrates Dashboard Exploit | 0 comments | Create New Account
The following comments are owned by whoever posted them. This site is not responsible for what they say.
No user comments.


What's Related
  • Full story from MacNewsWor...
  • More by glosser
  • More from Security


  • Story Options
  • Mail Story to a Friend
  • Printable Story Format


  • We have written a range of guides highlighting excellent free books for popular programming languages. Check out the following guides: C, C++, C#, Java, JavaScript, CoffeeScript, HTML, Python, Ruby, Perl, Haskell, PHP, Lisp, R, Prolog, Scala, Scheme, and SQL.

    Built with GeekLog and phpBB
    Comments to the webmaster are welcome
    Copyright 2009 LinuxLinks.com - All rights reserved