|
|
How to avoid the new 'Help' URL handler vulnerability
I would like to chime in that modifying OpnApp.scpt does _not_ suffice.
Disclaimer: Try this at your own risk.
Don't be alarmed, I just wanted to make clear that everyone who tries out my exploit does so at his/her own risk. The exploit is designed to be absolutely non-destructive, but who knows what may happen on different systems.
Don't try this if you already have files called /sometestfile.txt and ~/sometestfile.html containing something important. They will not be overwritten, but data will be appended to them, which hypothetically can render them unusable. If you would like to take a peek into the applescript with scripteditor before trying the exploit to make sure it won't harm your system, the disk image is situated here:
http://www.schuderer.net/pub/dmgtest.dmg Here is the code of the contained script testme.scpt:
Paranoia galore! :) |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysNo new commentsLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.09 seconds |
|