Japan Vulnerability NotesJVN:46026251JVN#46026251: Safari address bar spoofing vulnerability
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.007 Low
EPSS
Percentile
79.9%
Safari contains a vulnerability where the address bar displays a character string that looks like a different URL than the URL that is being accessed.
Impact
Phishing attacks may be possible, due to the difficulty in determining that the URL displayed in the address bar and the URL being accessed are different.
Solution
Update the software
Update to the latest version according to the information provided by the developer.
Products Affected
- Safari prior to 5.0
- Safari prior to 4.1
Related
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.007 Low
EPSS
Percentile
79.9%