Security Issue w/ Safari 1.2.5
Hey everyone,
FYI, a security flaw that allows "phishing" has been found in the implementation of IDN (International Domain Names). Safari uses this implementation as well:
http://www.shmoo.com/idn/homograph.txt (advisory)
http://www.shmoo.com/idn/ (example exploit)
Greetings,
durandal
FYI, a security flaw that allows "phishing" has been found in the implementation of IDN (International Domain Names). Safari uses this implementation as well:
http://www.shmoo.com/idn/homograph.txt (advisory)
http://www.shmoo.com/idn/ (example exploit)
Greetings,
durandal
Comments
javascript:alert("The%20real%20URL%20of%20this%20s ite%20is:%20"%20+%20location.protocol%20+%20"//"%20+%20location.hostname%20+%20"/");
Originally posted by jake bullet
Until a better solution comes along set this as a bookmark and click it before you start entering details. It will expose this particular 'scam'
javascript:alert("The%20real%20URL%20of%20this%20s ite%20is:%20"%20+%20location.protocol%20+%20"//"%20+%20location.hostname%20+%20"/");
Hey, works fine - gr8 idea