Matt Cooley

**Name of the Vulnerable Software and Affected Versions** Apple Safari versions prior to 6.0 **Description** The issue allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, by leveraging the availability of IDN support and Unicode fonts to construct unspecified homoglyphs. **Recommendations** For versions prior to 6.0, update to version 6.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple Safari versions prior to 5.1.4 **Description** The issue concerns the Internationalized Domain Name (IDN) feature, which does not properly restrict characters in URLs. This allows remote attackers to spoof a domain name via unspecified homoglyphs. **Recommendations** For versions prior to 5.1.4, update to version 5.1.4 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Palm OS Treo smart phones (affected versions not specified) Description: The issue allows attackers with physical access to obtain sensitive information from the device's memory by utilizing the Find feature, which remains operational even when the system is locked with a password. This can be achieved through text searches or paste operations after pressing specific keyboard shortcut keys. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.