header-logo
Suggest Exploit
vendor:
Safari Web Browser
by:
Unknown
5.5
CVSS
MEDIUM
URI obfuscation
Obfuscation
CWE
Product Name: Safari Web Browser
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE:
CPE: a:apple:safari_web_browser
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

URI obfuscation weakness in Apple Safari Web Browser

The vulnerability allows an attacker to display false information in the status bar of the Safari Web Browser, making web pages appear to originate from a trusted location. This can be used to deceive unsuspecting users.

Mitigation:

Update to the latest version of Apple Safari Web Browser.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/11573/info

A URI obfuscation weakness reportedly affects the Apple Safari Web Browser.

This issue may be leveraged by an attacker to display false information in the status bar of an unsuspecting user, allowing an attacker to present web pages to users that seem to originate from a trusted location.

<a href="http://www.example1.com/"><table><tr><td><a
href="http://www.example2.com/">Click here</td></tr></table></a>