Adding a page with a title tag in excess of 1024 bytes to a user's bookmarks can lead to arbitrary code execution on the Windows Safari 3 Beta. Successful exploitation of this vulnerability has been achieved, with exploit samples circulated amongst a small group of recipients.

Description:

Another vulnerability affecting the Safari 3 Beta release on Windows has been discovered. In this particular vulnerability, adding a page with an exceedingly long title to a user's bookmarks can lead to the remote attacker possibly gaining control over the victim's system.

Although exploit code does exist, it has only been made available to a small group of recipients.

Mitigation:

Consider the use of an alternate browser until Apple is able to release a patch to address the vulnerability.

Updates:

Not Yet Available

Source:

http://www.frsirt.com/english/advisories/2007/2340

Exploits:

http://www.frsirt.com/english/services/

Not Yet Identified