Incomplete blacklist vulnerability in WebKit in Apple Safari before 4.0.3, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, via unspecified homoglyphs.
References
Link | Resource |
---|---|
http://lists.apple.com/archives/security-announce/2009/Aug/msg00002.html | Patch Vendor Advisory |
http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html | |
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html | |
http://secunia.com/advisories/36677 | Vendor Advisory |
http://secunia.com/advisories/43068 | Vendor Advisory |
http://support.apple.com/kb/HT3733 | Patch Vendor Advisory |
http://support.apple.com/kb/HT3860 | |
http://www.securityfocus.com/bid/36026 | Patch |
http://www.securitytracker.com/id?1022719 | |
http://www.vupen.com/english/advisories/2011/0212 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2009-08-12T19:00:00
Updated: 2009-08-15T09:00:00
Reserved: 2009-06-24T00:00:00
Link: CVE-2009-2199
JSON object: View
NVD Information
Status : Analyzed
Published: 2009-08-12T19:30:00.483
Modified: 2022-08-09T13:48:59.613
Link: CVE-2009-2199
JSON object: View
Redhat Information
No data.
CWE