November 18, 2024
Address Bar Spoofing Vulnerability Found in iOS 5.1 Mobile Safari

Address Bar Spoofing Vulnerability Found in iOS 5.1 Mobile Safari

Posted March 22, 2012 at 1:40pm by iClarified
David Vieira-Kurz of MajorSecurity has discovered a security issue with Mobile Safari in iOS 5.1.

The weakness is caused due to an error within the handling of URLs when using javascript's window.open() method. This can be exploited to potentially trick users into supplying sensitive information to a malicious web site, because information displayed in the address bar can be constructed in a certain way, which may lead users to believe that they're visiting another web site than the displayed web site.

The vulnerability has been tested present on an iPhone4, iPhone4S, iPad2 and iPad3 running iOS 5.1. Apple was notified on March 3rd of the vulnerability and should release an update to iOS that will resolve the issue shortly.


Steps to Reproduce:
1) Visit http://majorsecurity.net/html5/ios51-demo.html with Safari on iOS 5.1
2) Click the "demo" button
3) Safari will open a new window with "http://www.apple.com" in the address bar, but in fact "http://www.apple.com" is being displayed inside an iframe within the host http://www.majorsecurity.net
4) Safari's address bar is showing "http://www.apple.com" which makes the user believe he/she is currently visiting Apple.com while he's still on the attacker's website.

Read More [via TNW]


Address Bar Spoofing Vulnerability Found in iOS 5.1 Mobile Safari Address Bar Spoofing Vulnerability Found in iOS 5.1 Mobile Safari
Add Comment
Would you like to be notified when someone replies or adds a new comment?
Yes (All Threads)
Yes (This Thread Only)
No
iClarified Icon
Notifications
Would you like to be notified when we post a new Apple news article or tutorial?
Yes
No
Comments (4)
You must login or register to add a comment...
Lostmon
Lostmon - March 22, 2012 at 10:53pm
I have discovered and reported this vuln in safari for windows in 12/03/2011. http://lostmon.blogspot.com
Jeremy
Jeremy - March 22, 2012 at 7:18pm
I have 4.3.3 and it does the same thing so this has been around for a long time just no one cought it
Rollback
Rollback - March 22, 2012 at 2:56pm
Seems to still be exploitable in 5.0.1:\
Robert
Robert - March 22, 2012 at 1:50pm
That´s no good!
Recent. Read the latest Apple News.
RECENT
Tutorials. Help is here.
TUTORIALS
Where to Download macOS Sonoma
Where to Download macOS Ventura
AppleTV Firmware Download Locations
Where To Download iPad Firmware Files From
Where To Download iPhone Firmware Files From
Deals. Save on Apple devices and accessories.
DEALS