BugTraq
Apple Safari: cookie stealing Jun 13 2007 10:34AM Robert Swiecki (jagger swiecki net) (2 replies)
Re: [Full-disclosure] Apple Safari: urlbar/window title spoofing Jun 14 2007 11:31PM Robert Swiecki (jagger swiecki net) (2 replies)
Re: [Full-disclosure] Apple Safari: urlbar/window title spoofing Jun 15 2007 02:07PM Mark Senior (senatorfrog gmail com)
Re: [Full-disclosure] Apple Safari: cookie stealing Jun 13 2007 02:46PM Michal Zalewski (lcamtuf dione ids pl)
With a specially crafted web page, an attacker can redirect
a www browser to a page whose URL (in the address bar) resembles an
arbitrary domain chosen by the attacker.
This is possible because Apple Safari supports
IDNs - http://en.wikipedia.org/wiki/Internationalized_domain_name -
and some of the UTF-8 font glyphs embedded in Safari can be used
to create a URL which contains whitespace.
http://alt.swiecki.net/saft1.html
The picture taken on my system:
http://alt.swiecki.net/idn.png
Tested with Apple Safari 3.0.2 (522.13.1) on MS Windows 2003 SE SP2
--
Robert Swiecki
http://www.swiecki.net
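A defensive check for the condition described in the post above, added here as an example that is not part of the original post or of Safari's code: it decodes each label of a hostname (including xn-- punycode) and reports characters that render as blank space. The function names, the category set and the sample hostnames are assumptions constructed for illustration.

```python
import unicodedata

# Unicode general categories that draw nothing visible in an address bar:
# Zs/Zl/Zp = space and line separators, Cf = format (zero-width) characters,
# Cc = control characters. This set is an assumption of the example; glyphs in
# letter or symbol categories that a font draws blank are not caught by it, so
# a per-script allow-list is the stricter policy.
BLANK_CATEGORIES = {"Zs", "Zl", "Zp", "Cf", "Cc"}


def decode_label(label):
    """Return the Unicode form of one DNS label, decoding xn-- punycode."""
    if label.lower().startswith("xn--"):
        try:
            return label[4:].encode("ascii").decode("punycode")
        except UnicodeError:
            return label  # not valid punycode: inspect the raw label instead
    return label


def blank_glyphs_in_host(host):
    """List (label index, code point, category) for blank-rendering characters."""
    findings = []
    for index, label in enumerate(host.split(".")):
        for ch in decode_label(label):
            category = unicodedata.category(ch)
            if category in BLANK_CATEGORIES:
                findings.append((index, "U+%04X" % ord(ch), category))
    return findings


# Constructed sample hostnames (not taken from the post).
SAMPLES = [
    "www.example.com",
    "trusted.example\u3000x.other.example",
    "trusted.xn--" + "example\u3000x".encode("punycode").decode("ascii")
    + ".other.example",
]

if __name__ == "__main__":
    for host in SAMPLES:
        hits = blank_glyphs_in_host(host)
        print(ascii(host), "REJECT" if hits else "ok", hits)
```

A URL filter, mail gateway or browser extension can run this on the host part of a link and refuse or re-display it in punycode form when the list is not empty.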