vendor:
Safari
by:
SecurityFocus
7.5
CVSS
HIGH
URI-spoofing
20
CWE
Product Name: Safari
Affected Version From: Safari 4.0.1
Affected Version To: Other versions may also be vulnerable.
Patch Exists: YES
Related CWE: N/A
CPE: apple:safari
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009
Apple Safari URI-spoofing Vulnerability
An attacker may leverage this issue by inserting arbitrary content to spoof a URI presented to an unsuspecting user. This may lead to a false sense of trust because the victim may be presented with a URI of a seemingly trusted site while interacting with the attacker's malicious site.
Mitigation:
Ensure that Safari is updated to the latest version.
