Back to search
CVE-2007-3742
Published: Aug 3, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, does not properly handle the interaction between International Domain Name (IDN) support and Unicode fonts, which allows remote attackers to create a URL containing "look-alike characters" (homographs) and possibly perform phishing attacks.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://docs.info.apple.com/article.html?artnum=306173
x_refsource_CONFIRM
24636
vdb-entry
x_refsource_BID
ADV-2007-2730
vdb-entry
x_refsource_VUPEN
http://docs.info.apple.com/article.html?artnum=306174
x_refsource_CONFIRM
26287
third-party-advisory
x_refsource_SECUNIA
1018488
vdb-entry
x_refsource_SECTRACK
ADV-2007-2731
vdb-entry
x_refsource_VUPEN
safari-idn-url-spoofing(35716)
vdb-entry
x_refsource_XF
http://isc.sans.org/diary.html?storyid=3214
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now