CVE-2008-1588

Safari - Address Bar Spoofing via Unicode Ideographic Spaces

Title source: llm
STIX 2.1

Description

Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows remote attackers to spoof the address bar via Unicode ideographic spaces in the URL.

References (9)

Core 9
Core References
Mailing List vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/43732
Mailing List vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT3613
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/30186
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/1522
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/35379
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2094/references
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31074

Scores

EPSS 0.0227
EPSS Percentile 81.0%

Details

CWE
CWE-20
Status published
Products (1)
apple/safari
Published Jul 14, 2008
Tracked Since Feb 18, 2026