macnn

04/24/2008, 9:00pm, EDT

Thursday, April 24th

URL spoofing flaw affects Safari 3.1.1

A little over a week after Apple offered a security update to Safari 3.1.1, security research site Secunia warned users about another, but "less critical," vulnerability that could allows malicious sites to "spoof" other websites. Reported by Juan Pablo Lopez Yacubian, the security advisory notes that Safari 3.11 has a flaw that can be exploited by malicious people to display a fake URL in the address bar. "The problem is that it is possible to hide the actual location of a page in the address bar via a specially crafted URL containing a number of certain special characters in the 'user' field before the '@' character," the report noted. It affects both Mac OS X and Windows Vista of the browser and may also affect older versions. Secunia, however, rates the flaw as "less critical," but warns that users should avoid untrusted websites and untrusted links.

Last week's Safari 3.1.1 update included improvements to stability, compatibility and security fixes for four separate flaws -- specifically addressing a flaw in the Mac version of Safari that allowed Charlie Miller to win $10,000 in the Pwn2Own contest at CanSecWest. It also contained fixes for three other issues, including two that only affected the Windows version of Safari.


Filed under: security
Other story tags: Vista, Safari, browser, vulnerability

, , 2comments, del.icio.us, slashdot, digg, buzz


2 comments
Reader Reactions (Please use <i></i> for italic text)

subscribe to comments
for this article




Expand All   Global Settings
Guest
editing anyone
0
04/25, 1:16am, EDT
"could allows" Please does anyone proof read these?
Your Comments

In order to post comments: If you are a registered member, please login with your MacNN Forums username and password otherwise please uncheck the checkbox below.


Registered Member?
macnn forums login:

macnn forums password:

Not a member of the MacNN forums? Register now for free.

MacNN iPodNN Electronista
top searches
1. apple
2. iphone
3. apple TV
4. ipod
5. mac
6. BBC
7. icons
8. icon
9. macbook
10. leopard
search for more ..
RSS Feeds

Have the latest content delivered to your desktop via RSS. Use the links below to get access to a specific blog, news, or reviews feed.



  MacNN -all

  MacNN Reviews

  MacNN Podcasts

  iPodNN

  Electronista

  Left Lane News

Click Now for Great Deals on FUJITSU Products!: Limited Time Offer on Lifebook Notebooks, Tablet PCs, and Ultra-Mobile PCs!

Get Special Offers on LENOVO Mobility Solutions!: TopSeller Desktops, affordable Notebooks, and much more while supplies last!

Get Special Rebates on SONY Mobility Solutions!: Synnex Resellers - Take advantage of Special Offers on a variety of Notebook series from Sony today!

Check out Rebates on MOTION COMPUTING Tablets!: Perfect for any Healthcare provider! Buy now and get rebates on Motion C5 and LE1700 Tablet PCs!

Check Out the VIERA from Panasonic!: Enter a New Visual Era with Panasonic VIERA HDTVs. An Enhanced Experience.

Buy from The Apple Store, iTunes.com, Amazon.com, TechDepot, OfficeDepot, Computers4Sure, or donate.