Apple - iPhone Spoofing Vulnerability - Security Protection

Common Tasks

Community

Email Notifications

Personal Links

Security Protection - Harry Waldron (CS)

Security Best Practices, Breaking News, & Updates

Apple - iPhone Spoofing Vulnerability

This proof of concept test has revealed a vulnerability in Safari that will most likely be patched soon. In any browser, please be careful with URLs and ensure you are going to a safe site.

Apple - iPhone Spoofing Vulnerability
http://blogs.pcmag.com/securitywatch/2010/11/iphone_vulnerable_to_web_ui_sp.php
http://blogs.sans.org/appsecstreetfighter/2010/11/29/ui-spoofing-safari-iphone/

QUOTE: Dhanjani shows how the default behavior for Safari is to scroll the page up to display more of its content, causing the address bar to disappear. This behavior is in response to particular Apple HTML META tags from the attack site advertising itself as a mobile site. The spoof page includes a fake address bar at the top which looks like the real address bar after the load.

Posted: Nov 30 2010, 08:26 PM by Harry Waldron | with no comments

Questions? Contact Susan at Susan-at-msmvps.com. Each post's copyright held by the original author. All rights reserved. Blog site is an independent site not sponsored by Microsoft.
Our servers would like to thank www.ownwebnow.com and www.exchangedefender.com. We wouldn't be here without the generosity of Vlad Mazek and his companies.

Powered by Community Server (Commercial Edition), by Telligent Systems

Theme based on the Paperclip Blog Theme included in Community Server.
Enhanced to a Site-Wide Theme by Interscape Technologies.