lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Fri, 2 Oct 2015 06:17:33 +0000
From: Antonio Sanso <asanso@...be.com>
To: "fulldisclosure@...lists.org" <fulldisclosure@...lists.org>
Subject: [FD] Apple Safari URI spoofing (CVE-2015-5764)

tl;dr Apple Safari for OS X was prone to URI spoofing vulnerability  (and more general a user interface spoofing). Apple released security updates for Safari 9<https://support.apple.com/kb/HT205265> on OS X and assigned CVE-2015-5764. Accidentally this vulnerability was also present in iOS.

Instant demo
In Safari up to 8.0.8 :

  *   go to https://asanso.github.io/CVE-2015-5764/file0.html
  *   click "click me!"
  *   notice the address bar being "data:text/html,%3CH1%3EHi!!%3C/H1%3E"
  *   go back using the browser button
  *   click "click me!"
  *   notice the address bar being http://www.intothesymmetry.com/CVE-2015-5764/file0.php !!!!

You can find the details in http://intothesymmetry.blogspot.it/2015/09/apple-safari-uri-spoofing-cve-2015-5764.html

regards

antonio


_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ