From http://support.apple.com/kb/HT4104:
CVE-ID: CVE-2010-0536
Impact: Opening a maliciously crafted BMP image may lead to an unexpected application termination or arbitrary code execution
Description: A memory corruption issue exists in the handling of BMP images…
AsyncXMLHttpRequest is an extension of XMLHttpRequest with the following improvements:
Uniform behavior on multiple different browsers (Apple Safari, Google Chrome, Microsoft Internet Explorer, Mozilla Firefox and Opera).
Event handlers are called with the AsyncXMLHttpRequest object to which they apply as the first argument…
CVE-2008-2303 covers an integer overflow in the handling of indices in the “arguments” array in Apple Safari that affects iPhone, iPod and PC (Mac and Windows). It was fixed in Safari 3.2 for iPhone and iPod in July and for PC in November…
I’ve created a table with contact information for security teams for mayor software vendors. I’m hoping you’ll find the information useful when you’re trying to report a vulnerability…
I’ve created an example script that outputs a stack dump in JavaScript. It shows all the functions that have been called, their arguments and the values of these arguments. I find it to be very useful while writing complex JavaScripts – I use it in asserts and error handlers to find out why things go wrong quickly…
Apple has released a patch for a remote code execution vulnerability that I reported to them…
