Mobile Safari Vulnerable To Address Bar Spoofing in iOS 5.1
^_^
Posts: 4,429
Mobile Safari Vulnerable To Address Bar Spoofing in iOS 5.1
A new vulnerability in Safari in iOS 5.x has been found, which can be exploited to spoof URLs in the address bar. Taking advantage of this bug, malicious websites can spoof their domain name to a URL the user might trust, and ask for sensitive information like login credentials, credit card numbers etc.The discovery was made by David Vieira-Kurz of MajorSecurity, who explains the details behind the vulnerability:
Comments
-
Why cant apple perfect the OS?
-
tell me one thing that is "perfect".....troll
-
couldn't this be used to inject and Jailbreak through safari? Then Patch Later?
-
I don't see how showing a different URL in the address bar could be used in jailbreaking. This only makes a user think they are on a site that they are not.
-
-
That's what this is about that u can be tricked into thinking your on another site and possibly give up personal info where the hell did u get jailbreaking from ? Learn how to read @val
-
What if you're using a different browser? Can it still work?
-
"The Web Views used in third party browsers as well as apps like Twitter don't seem to exhibit this bug."
-
Because they don't have you working there.
-
"so we advise you to be careful when clicking links from sources that you do not trust"That's much harder to do since the introduction of URL shorteners.
-
-
bixera(*☻-☻*)
-
I don't think so it said only in safari
