Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [Full-disclosure] Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability
From: ph0enix (ph0enixjustonemorething.org)
Date: Thu May 19 2005 - 07:47:10 CDT
> [..] And they run a lot of them. They're not likely to assume that
> widgets can contain trojans or be cautious of what they download
> like they are regular applications.
well, that is true. Because Dashboard widgets are looking 'cool and
sweet', most of the users will not realize that they could contain
arbitrary code and so some of them are easy victims. Dashboard is
really a cool thing, but Apple also opened Pandora's box with it.
www.osvdb.org -- everything is vulnerable.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/