Skip to main content

Apple Safari Multiple Vulnerabilities

Last Update Date: 13 Mar 2012 10:37 Release Date: 13 Mar 2012 5395 Views

RISK: Medium Risk

TYPE: Clients - Browsers

TYPE: Browsers

Multipule vulnerabilities were reported in Apple Safari. A remote user can spoof URLs, bypass cookie restrictions and  obtain HTTP authentication credentials.

  1. A remote user can create a specially crafted URL containing International Domain Name (IDN) characters to load a spoofed site that appears to have an arbitrary URL in the address bar. Only Windows-based systems are affected.
  2. A remote 3rd-party web site can set a cookie even if the browser is configured to block 3rd-party cookies.
  3. When a remote site uses HTTP authentication and redirects to another site, the HTTP authentication credentials may be sent to the other site.

Impact

  • Security Restriction Bypass
  • Spoofing

System / Technologies affected

  • Apple Safari prior to 5.1.4

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to fix version 5.1.4

Vulnerability Identifier


Source


Related Link