Apple Safari Multiple Vulnerabilities
Last Update Date:
13 Mar 2012 10:37
Release Date:
13 Mar 2012
5395
Views
RISK: Medium Risk
TYPE: Clients - Browsers
Multipule vulnerabilities were reported in Apple Safari. A remote user can spoof URLs, bypass cookie restrictions and obtain HTTP authentication credentials.
- A remote user can create a specially crafted URL containing International Domain Name (IDN) characters to load a spoofed site that appears to have an arbitrary URL in the address bar. Only Windows-based systems are affected.
- A remote 3rd-party web site can set a cookie even if the browser is configured to block 3rd-party cookies.
- When a remote site uses HTTP authentication and redirects to another site, the HTTP authentication credentials may be sent to the other site.
Impact
- Security Restriction Bypass
- Spoofing
System / Technologies affected
- Apple Safari prior to 5.1.4
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Update to fix version 5.1.4
Vulnerability Identifier
Source
Related Link
Share with