US-CERT Cyber Security Alert SA06-053A -- Apple Mac OS X Safari Command Execution Vulnerability

National Cyber Alert System

Cyber Security Alert SA06-053A

Apple Mac OS X Safari Command Execution Vulnerability

Original release date: February 22, 2006
Last revised: --
Source: US-CERT

Systems Affected

Apple Safari running on Mac OS X

Overview

A vulnerability in the Apple Safari web browser could allow an attacker to place and run malicious code on your computer.

Solution

Turn off "Open safe files after downloading" feature

To turn off "Open safe files after downloading" feature in Safari, first choose "Preferences" from the Safari menu. Next, uncheck the option "Open 'safe' files after downloading."

More information about this solution is available in the document "Securing Your Web Browser."

Description

Apple Safari is a web browser that comes with Apple Mac OS X. Safari contains a vulnerability that could allow an attacker to run malicious programs on your computer.

For more technical information, see US-CERT Technical Alert TA06-053A.

References

US-CERT Vulnerability Note VU#999708 - <http://www.kb.cert.org/vuls/id/999708>

Securing Your Web Browser - <http://www.us-cert.gov/reading_room/securing_browser/#sgeneral>

US-CERT Technical Cyber Security Alert TA06-053A - <http://www.us-cert.gov/cas/techalerts/TA06-053A.html>

Feedback can be directed to US-CERT.

Produced 2006 by US-CERT, a government organization. Terms of use

Revision History

February 22, 2006: Initial release

Last updated February 11, 2008

US-CERT: United States Computer Emergency Readiness Team

Information For

Sign Up

Reporting