Apple Safari Multiple Vulnerabilities

Last Update Date: 13 Mar 2012 10:37 Release Date: 13 Mar 2012 4359 Views

RISK: Medium Risk

Medium Risk

TYPE: Clients - Browsers

TYPE: Browsers

Multipule vulnerabilities were reported in Apple Safari. A remote user can spoof URLs, bypass cookie restrictions and  obtain HTTP authentication credentials.

  1. A remote user can create a specially crafted URL containing International Domain Name (IDN) characters to load a spoofed site that appears to have an arbitrary URL in the address bar. Only Windows-based systems are affected.
  2. A remote 3rd-party web site can set a cookie even if the browser is configured to block 3rd-party cookies.
  3. When a remote site uses HTTP authentication and redirects to another site, the HTTP authentication credentials may be sent to the other site.

Impact

  • Security Restriction Bypass
  • Spoofing

System / Technologies affected

  • Apple Safari prior to 5.1.4

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to fix version 5.1.4

Vulnerability Identifier

Source

Related Link

Share with

Previous

Google Chrome Three Unspecified Code Execution Vulnerabilities

13 Mar 2012 4456 Views

Next

Citrix XenServer Workload Balancing Component Denial of Service Vulnerability

14 Mar 2012 4619 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY