PT-2007-4983 · Apple · Iphone+1

Published

2007-08-03

Updated

2017-07-29

CVE-2007-3742

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Apple Safari versions 3 Beta through 3.0.3 iPhone versions prior to 1.0.1

Description The issue arises from the improper handling of International Domain Name (IDN) support and Unicode fonts. This allows remote attackers to create a URL containing "look-alike characters" (homographs) and possibly perform phishing attacks.

Recommendations For Apple Safari versions 3 Beta through 3.0.3, update to version 3.0.3 or later to resolve the issue. For iPhone versions prior to 1.0.1, update to version 1.0.1 or later to resolve the issue.

Exploit

Fix

Link Following

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-16CWE-59

Related Identifiers

CVE-2007-3742

Affected Products

Safari

Iphone

PT-2007-4983 · Apple · Iphone+1

CVE-2007-3742

Weakness Enumeration

Related Identifiers

Affected Products

References · 10