CVE-2009-2199 Information

Feb 14, 2021 cve

Description

Incomplete blacklist vulnerability in WebKit in Apple Safari before 4.0.3 as used on iPhone OS before 3.1 iPhone OS before 3.1.1 for iPod touch and other platforms allows remote attackers to spoof domain names in URLs and possibly conduct phishing attacks via unspecified homoglyphs.

Reference

http://lists.apple.com/archives/security-announce/2009/Aug/msg00002.html http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/36677 http://secunia.com/advisories/43068 http://support.apple.com/kb/HT3733 http://support.apple.com/kb/HT3860 http://www.securityfocus.com/bid/36026 http://www.securitytracker.com/id?1022719 http://www.vupen.com/english/advisories/2011/0212

Share on: