Description
The Internationalized Domain Name (IDN) feature in Apple Safari before 5.1.4 on Windows does not properly restrict the characters in URLs, which allows remote attackers to spoof a domain name via unspecified homoglyphs.
References (4)
Core 4
Core References
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/48377
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/80088
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1026785
Mailing List vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html
Scores
EPSS
0.0142
EPSS Percentile
69.7%
Details
CWE
CWE-20
Status
published
Products (34)
apple/safari
1.0 (3 CPE variants)
apple/safari
1.0.0
apple/safari
1.0.0b1
apple/safari
1.0.0b2
apple/safari
1.0.1
apple/safari
1.0.2
apple/safari
1.0.3 (3 CPE variants)
apple/safari
1.0b1
apple/safari
1.1
apple/safari
1.1.0
... and 24 more
Published
Mar 12, 2012
Tracked Since
Feb 18, 2026