Bugtraq mailing list archives

Re: Re: Safari for windows remote arbitry file upload

From: laurent.gaffie () gmail com
Date: 16 Aug 2007 21:32:51 -0000

"Firefox will do the same if it's configured that.Is this the default behavior with Safari?"

yes it's a default setting .

"I don't see that this is a bug. Could you explain a little more fully?"

well configured like this by default,it's a security hole . it's a perfect hole for a virus, trojan, etc. you can send 
any malicous files to a remote desktop via a malicious website or even a XSS , like an executable with a "my computer" 
icon ( for exemple .. )

Current thread:

Safari for windows remote arbitry file upload laurent . gaffie (Aug 15)
- <Possible follow-ups>
- Re: Safari for windows remote arbitry file upload Neil Dickey (Aug 15)
- Re: Re: Safari for windows remote arbitry file upload laurent . gaffie (Aug 17)
- Re: Re: Safari for windows remote arbitry file upload Neil Dickey (Aug 20)