========
TimeLine
========
Discovered: 18 May 2007
Released: 22 May 2007
Approved: 11 June 2007
Reported: 23 May 2007
Fixed: 15 August 2007
Published: 16 August 2007
===========
PRODUCT SPECIFIC INFORMATION
None
HISTORY
Version:1 (rev.1) - 12 May 2010 Initial release
Version:2 (rev.2) - 11 June 2010 HP MFP Digital Sending Software v4.18.5 is available
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
concerning only user who downloaded the GPL version ( Acajoom GPL
3.2.7 ) between Thursday 25th of June and Sunday 28th of June."
The start date for the back door and vulnerability is false. This
issue existed in the wild before 19 June 2009. According to the
timestamps in the archive, the hack was prepared on 11 June 2009.
On 6/22/09, Jan van Niekerk wrote:
> Vulnerability:
> Remote code execution back door
>
III. BACKGROUND
-------------------------
Safari is a web browser developed by Apple Inc. It is the default browser in
Mac OS X v10.3 and higher. Safari for the Microsoft Windows platform first
released on 11 June 2007 and currently supports both Windows XP and Windows
Vista. The current stable release of the browser is 4.0.3 for Mac OS X and
Windows. (Source - Wikipedia).
Safari 4 introduced the Top Sites feature to provide an at-a-glance view of
a user's favorite websites. It is the most hyped feature of Safari 4 and
