Описание
Incomplete blacklist vulnerability in WebKit in Apple Safari before 4.0.3, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, via unspecified homoglyphs.
Incomplete blacklist vulnerability in WebKit in Apple Safari before 4.0.3, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, via unspecified homoglyphs.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2009-2199
- http://lists.apple.com/archives/security-announce/2009/Aug/msg00002.html
- http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
- http://secunia.com/advisories/36677
- http://secunia.com/advisories/43068
- http://support.apple.com/kb/HT3733
- http://support.apple.com/kb/HT3860
- http://www.securityfocus.com/bid/36026
- http://www.securitytracker.com/id?1022719
- http://www.vupen.com/english/advisories/2011/0212
EPSS
CVE ID
Связанные уязвимости
Incomplete blacklist vulnerability in WebKit in Apple Safari before 4.0.3, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, via unspecified homoglyphs.
Incomplete blacklist vulnerability in WebKit in Apple Safari before 4. ...
EPSS