Apple

URL Spoofing in Safari Patched in iOS 5.1.1

Last month an exploit was found in Safari that allowed URL Spoofing. This wasn’t a huge concern at the time but it was definitely a security issue, and in the wrong hands could be dangerous to iOS users. But it looks like with the release of iOS 5.1.1 Apple has taken care of the problem…

This vulnerability was originally discovered by MajorSecurity.net.

“The weakness is caused due to an error within the handling of URLs when using javascript’s window.open() method. This can be exploited to potentially trick users into supplying sensitive information to a malicious website, because information displayed in the address bar can be constructed in a certain way, which may lead users to believe that they’re visiting another website that the displayed web site.”

Luckily with the release of iOS 5.1.1 this bug has been patched!

Safari

Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2

Impact: A maliciously crafted website may be able to spoof the address in the location bar

Description: A URL spoofing issue existed in Safari. This could be used in a malicious web site to direct the user to a spoofed site that visually appeared to be a legitimate domain. This issue is addressed through improved URL handling. This issue does not affect OS X systems.

iOS 5.1.1 is available for download now through your devices Software Update or via iTunes.

Source: Cult of Mac

Share this Story

Related Posts

6 Comments

  1. Gvk Bio

    January 20, 2018 at 9:34 am

    531920 792863Some genuinely good stuff on this internet site , I enjoy it. 853828

    Reply

  2. Pharmacodynamics

    January 22, 2018 at 6:26 am

    106931 273745The luxury proposed may well be incomparable; citizens are never fail to looking for bags is a Native goals. The concept numerous insert goals uniquely to push diversity with visibility during the travel and leisure arena. Hotels Discounts 653425

    Reply

  3. warehouse for sale

    January 27, 2018 at 9:34 am

    519055 734243I only wish that I had the ability to convey what I wanted to say inside the manner which you have presented this info. Thanks. 217301

    Reply

  4. Stix Event Management Company in Hyderabad

    February 1, 2018 at 1:13 am

    343035 133497Das beste Webdesign Berlin erhalten Sie bei uns, genauso wie professionelles Webdesign. Denn wir sind die Webdesign Agentur mit pfiff. 632207

    Reply

  5. dokter kandungan di jakarta

    February 1, 2018 at 4:37 pm

    573823 924162i was just surfing along and came upon your weblog. just wanted to say excellent job and this post genuinely helped me. 202410

    Reply

  6. Innovation Tree SEO agency

    February 18, 2018 at 2:49 pm

    88871 453799Just wanna remark which you have a quite good web site , I enjoy the layout it in fact stands out. 601920

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Join Our Mailing List

Email Format

Free iTunes Gift Cards!

Find us on Google Plus