CVE-2012-3693 Information

Description

Incomplete blacklist vulnerability in WebKit in Apple Safari before 6.0 allows remote attackers to spoof domain names in URLs and possibly conduct phishing attacks by leveraging the availability of IDN support and Unicode fonts to construct unspecified homoglyphs.

Reference

http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://support.apple.com/kb/HT5400 http://support.apple.com/kb/HT5503