Safari Address Spoofing Vulnerability

Thursday, March 22, 2012 @ 02:03 PM gHale

There is a vulnerability in WebKit in the mobile version of Safari where an attacker could manipulate the browser’s address bar and lead the user to a malicious site while a fake URL shows above it.

An advisory is out from security researcher David Vieira-Kurz explaining the issue. Incorrect handling of the URL when the JavaScript method “” is used allows an attacker to control the HTML and JavaScript code in the new window and, in turn, change the address bar of that window.

Attackers could use the vulnerability for phishing attacks by sending users to pages that appear to belong to their bank and asking for account data.

The vulnerability affects WebKit 534.46 in the latest iOS version 5.1, though earlier versions of iOS may also exhibit the problem. Users of third-party browsers based on WebKit on iOS could also be vulnerable to the address spoofing. Vieira-Kurz informed Apple of the problem in early March.

Only a few third-party browsers, such as Dolphin HD, suffer from the vulnerability. Other iOS browsers, such as iCabMobile and Atomic Web, are not affected.
