Safari vulnerable to URL spoofing

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Following the discovery by Benjamin Tobias Franz for spoofing URLs in IE by using tables within links.

http://www.packetstormsecurity.nl/0410-advisories/msieLink.txt

It is possible to spoof URLs under OS X in the latest Safari browser 1.2.3 (v125.9) by using the same method.
Ironically, this does not work with Internet Explorer on OS X version 5.2.3 (5815.1).

Tested on OS X 10.3.5 (build 7M34) with latest software update.

Further details and example at http://www.neoresearch.org/[neo]safari_url_spoof.html

regards,

Gilbert Verdian
neoresearch.org

[Index of Archives]     [Linux Security]     [Netfilter]     [PHP]     [Yosemite News]     [Linux Kernel]

  Powered by Linux