Comments on: BK on Safari, hunting Firefox… http://xs-sniper.com/blog/2008/06/20/bk-on-safari-hunting-firefox/ Thoughts on Security in an Uncivilized World… Wed, 08 Sep 2010 02:39:08 -0700 hourly 1 http://wordpress.org/?v=3.0.1 By: Firefox 3.0.1 fixes blended-threat vulnerability » 70 Tricks http://xs-sniper.com/blog/2008/06/20/bk-on-safari-hunting-firefox/comment-page-1/#comment-576 Firefox 3.0.1 fixes blended-threat vulnerability » 70 Tricks Sat, 19 Jul 2008 05:46:09 +0000 http://xs-sniper.com/blog/?p=106#comment-576 [...] and Safari for Windows: Turns out Firefox was vulnerable, too. Security researcher Billy Rios found the problem, but disclosed it only to Mozilla. (Mac users remain [...] [...] and Safari for Windows: Turns out Firefox was vulnerable, too. Security researcher Billy Rios found the problem, but disclosed it only to Mozilla. (Mac users remain [...]

]]> By: Firefox 3.0.1 fixes blended-threat vulnerability | applestech.com http://xs-sniper.com/blog/2008/06/20/bk-on-safari-hunting-firefox/comment-page-1/#comment-573 Firefox 3.0.1 fixes blended-threat vulnerability | applestech.com Fri, 18 Jul 2008 18:19:03 +0000 http://xs-sniper.com/blog/?p=106#comment-573 [...] and Safari for Windows: Turns out Firefox was vulnerable, too. Security researcher Billy Rios found the problem, but disclosed it only to Mozilla. (Mac users remain [...] [...] and Safari for Windows: Turns out Firefox was vulnerable, too. Security researcher Billy Rios found the problem, but disclosed it only to Mozilla. (Mac users remain [...]

]]> By: Rilasciato Firefox 3.0.1 « marko’s weblog http://xs-sniper.com/blog/2008/06/20/bk-on-safari-hunting-firefox/comment-page-1/#comment-570 Rilasciato Firefox 3.0.1 « marko’s weblog Fri, 18 Jul 2008 14:50:16 +0000 http://xs-sniper.com/blog/?p=106#comment-570 [...] hanno corretto tre vulnerabilità: una falla che, combinata con un problema di Safari, permette la lettura dati dal disco fisso o l’esecuzione di codice, un overflow relativo al CSS reference counter (con conseguente esecuzione di codice remoto) ed un [...] [...] hanno corretto tre vulnerabilità: una falla che, combinata con un problema di Safari, permette la lettura dati dal disco fisso o l’esecuzione di codice, un overflow relativo al CSS reference counter (con conseguente esecuzione di codice remoto) ed un [...]

]]> By: appleforapple.com » Firefox 3.0.1 fixes blended-threat vulnerability http://xs-sniper.com/blog/2008/06/20/bk-on-safari-hunting-firefox/comment-page-1/#comment-569 appleforapple.com » Firefox 3.0.1 fixes blended-threat vulnerability Thu, 17 Jul 2008 18:17:30 +0000 http://xs-sniper.com/blog/?p=106#comment-569 [...] and Safari for Windows: Turns out Firefox was vulnerable, too. Security researcher Billy Rios found the problem, but disclosed it only to Mozilla. (Mac users remain [...] [...] and Safari for Windows: Turns out Firefox was vulnerable, too. Security researcher Billy Rios found the problem, but disclosed it only to Mozilla. (Mac users remain [...]

]]> By: Tech News » Blog Archive » Linkpost | 6.22.2008 http://xs-sniper.com/blog/2008/06/20/bk-on-safari-hunting-firefox/comment-page-1/#comment-544 Tech News » Blog Archive » Linkpost | 6.22.2008 Mon, 07 Jul 2008 11:12:52 +0000 http://xs-sniper.com/blog/?p=106#comment-544 [...] BK on Safari, hunting Firefox… — Despite patching, security researcher says Safari carpet bomb blended threat is still [...] [...] BK on Safari, hunting Firefox… — Despite patching, security researcher says Safari carpet bomb blended threat is still [...]

]]> By: Armando http://xs-sniper.com/blog/2008/06/20/bk-on-safari-hunting-firefox/comment-page-1/#comment-535 Armando Mon, 23 Jun 2008 19:39:42 +0000 http://xs-sniper.com/blog/?p=106#comment-535 Could Safari’s carpet bomb be used in conjunction with Opera 9.27 or 9.50? Could Safari’s carpet bomb be used in conjunction with Opera 9.27 or 9.50?

]]> By: s9k http://xs-sniper.com/blog/2008/06/20/bk-on-safari-hunting-firefox/comment-page-1/#comment-530 s9k Sun, 22 Jun 2008 22:11:15 +0000 http://xs-sniper.com/blog/?p=106#comment-530 nice find rios, pretty cool tie together. nice find rios, pretty cool tie together.

]]> By: “Carpet Bomb” Still A Problem Despite Patch…. Oh Noes! « The IT Nerd http://xs-sniper.com/blog/2008/06/20/bk-on-safari-hunting-firefox/comment-page-1/#comment-525 “Carpet Bomb” Still A Problem Despite Patch…. Oh Noes! « The IT Nerd Sun, 22 Jun 2008 12:52:26 +0000 http://xs-sniper.com/blog/?p=106#comment-525 [...] yeah, if you look at Billy’s blog, he also has this [...] [...] yeah, if you look at Billy’s blog, he also has this [...]

]]> By: aussiebear http://xs-sniper.com/blog/2008/06/20/bk-on-safari-hunting-firefox/comment-page-1/#comment-522 aussiebear Sun, 22 Jun 2008 07:33:52 +0000 http://xs-sniper.com/blog/?p=106#comment-522 So this is a Windows/IE problem being the root cause of this mess? Does it occur if I use Firefox 3 under Linux? So this is a Windows/IE problem being the root cause of this mess?

Does it occur if I use Firefox 3 under Linux?

]]> By: James Brown http://xs-sniper.com/blog/2008/06/20/bk-on-safari-hunting-firefox/comment-page-1/#comment-518 James Brown Sun, 22 Jun 2008 01:44:54 +0000 http://xs-sniper.com/blog/?p=106#comment-518 Several articles that link here state there is still a vulnerability in Safari that needs to be addressed, but that's not the impression that I got from your post. To clarify, is the new issue that you mention a vulnerability in Firefox that could previously have been exploited via the now-fixed Safari "carpet bombing" and may still be exploitable via other means? It might be worth being a bit clearer on this in your post to remove the confusion. Several articles that link here state there is still a vulnerability in Safari that needs to be addressed, but that’s not the impression that I got from your post. To clarify, is the new issue that you mention a vulnerability in Firefox that could previously have been exploited via the now-fixed Safari “carpet bombing” and may still be exploitable via other means? It might be worth being a bit clearer on this in your post to remove the confusion.

]]>