Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

OmniWeb Browser < 5.5.2 Javascript alert Function Format String



The remote host is vulnerable to a 'format string' flaw.


The remote host is using Omniweb, an alternative web browser for the Mac OS platform. This version of OmniWeb is vulnerable to a format-string flaw. Specifically, the Javascript 'alert' function fails to correctly parse specially formatted strings. An attacker exploiting this flaw would need the ability to pass malformed strings to the browser. This typically involves being able to entice a user into browsing to a malicious site. Successful exploitation would result in the attacker executing arbitrary code within the browser.


Upgrade to version 5.5.2 or higher.