Safari Beta Vulnerabilities for Windows

The Safari v3.0 Public Beta web browser for Windows was released on 06/11/07.  Within the first 24 hours multiple exploits were released.  On Thursday, June 14th, Apple released Safari v3.0.1 Public Beta for Windows to address three of the high risk vulnerabilities.  One of the more serious exploits is a command injection vulnerability, which may lead to arbitrary code execution by visiting a malicious website.  An out-of-bounds memory read issue exploit exists, which could lead to an unexpected termination of the application or arbitrary code execution by visiting a malicious website.  The third high risk vulnerability is a race condition which may allow cross site scripting by visiting a malicious website.

Please be aware of the risks associated with installing any software that is still in Beta form.  Beta software is not recommended for use on production computers.


Apple Product Security

Posted by Kitch Spicer on June 18, 2007, in Handlers Log.

Purdue University, 610 Purdue Mall, West Lafayette, IN 47907, (765) 494-4600

© 2016 Purdue University | An equal access/equal opportunity university | Integrity Statement | Copyright Complaints | Maintained by ITaP

Trouble with this page? Disability-related accessibility issue? Please contact ITaP at

PDF files can be viewed in Adobe Acrobat Reader.