lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <2BB5E177-2B48-11D9-A9F4-000A95A012EE@neoresearch.org> Date: Mon, 1 Nov 2004 01:21:35 +1100 From: Gilbert Verdian <gverdian@...research.org> To: bugtraq@...urityfocus.com Subject: Safari vulnerable to URL spoofing Following the discovery by Benjamin Tobias Franz for spoofing URLs in IE by using tables within links. http://www.packetstormsecurity.nl/0410-advisories/msieLink.txt It is possible to spoof URLs under OS X in the latest Safari browser 1.2.3 (v125.9) by using the same method. Ironically, this does not work with Internet Explorer on OS X version 5.2.3 (5815.1). Tested on OS X 10.3.5 (build 7M34) with latest software update. Further details and example at http://www.neoresearch.org/[neo]safari_url_spoof.html regards, Gilbert Verdian neoresearch.org
Powered by blists - more mailing lists