Apple iPhone 1.1.1 Mobile Safari Browser iFrame Same Origin Policy Bypass Vulnerability
Source: Security Focus
Apple iPhone Mobile Safari Browser Window Properties Same Origin Policy Bypass Vulnerability
Source: Security Focus
Apple iPhone Safari Browser Same Domain Content Manipulation Vulnerability
Source: Security Focus
So the precision of an IEEE single precision float is about 7 digits and of a double is about 15. If you try to exhibit the result to more digits of precision, what makes anyone think you would get a more …
Source: Full Disclosure
Great. The 2007 version of the fdiv bug. Geoff Sent from my BlackBerry wireless handheld. Original Message From: “Steven Adair” Date: Fri, 28 Sep 2007 13:20:51 To:”Larry Seltzer” Cc:full-disclosureatlists.com> Subject: Re: [Full-disclosure] Firefox 2.0.0.7 has a very serious calculation bug …
Source: Full Disclosure
This is not only Firefox 2.0.0.7. I still have 2.0.0.5 and it still shows the 5.1000000000000005. Of course if you understand floating point and the level of accuracy needed, I don’t see how this could be serious. And I don’t see a way of this being exploited to give RCE. …
Source: Full Disclosure
>>..perhaps one day, this will be exploitable. Consider the possibilities for this code: If ((4.2-0.1) != 4.1) { exploitclient(); } Larry Seltzer eWEEK.com Security Center Editor Contributing Editor, PC Magazine larry.seltzeratziffdavisenterprise.com Full-Disclosure - We believe in it. Charter: Hosted and sponsored by Secunia -
Source: Full Disclosure
Actually, I see 5.1000000000000005 in both browsers. Larry Seltzer eWEEK.com Security Center Editor Contributing Editor, PC Magazine larry.seltzeratziffdavisenterprise.com
Source: Full Disclosure
Safari in Apple iPhone 1.1.1 allows remote attackers to obtain sensitive information via a crafted web page that identifies the URL of the parent window, even when the parent window is in a different domain.
Source: National Vulnerability Database
Safari in Apple iPhone 1.1.1 allows remote user-assisted attackers to trick the iPhone user into making calls to arbitrary telephone numbers via a crafted “tel:” link that causes iPhone to display a different number than the number that will be dialed.
Source: National Vulnerability Database