Apple Safari International Domain Name URI Spoofing Vulnerability

Apple Safari is affected by a URI-spoofing vulnerability because it fails to adequately handle specific characters in international domain name (IDN) domains.

An attacker may leverage this issue to spoof the source URI of a site presented to an unsuspecting user. This may lead to a false sense of trust because the user may be presented with a source URI of a trusted site while interacting with the attacker's malicious site.

Versions prior to Apple Safari 5.1.4 on Windows systems are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus