Address Bar Spoofing Vulnerability Found in iOS 5.1 Mobile Safari

Address Bar Spoofing Vulnerability Found in iOS 5.1 Mobile Safari

Posted by · 13087 views · Translate

David Vieira-Kurz of MajorSecurity has discovered a security issue with Mobile Safari in iOS 5.1.

The weakness is caused due to an error within the handling of URLs when using javascript's window.open() method. This can be exploited to potentially trick users into supplying sensitive information to a malicious web site, because information displayed in the address bar can be constructed in a certain way, which may lead users to believe that they're visiting another web site than the displayed web site.

The vulnerability has been tested present on an iPhone4, iPhone4S, iPad2 and iPad3 running iOS 5.1. Apple was notified on March 3rd of the vulnerability and should release an update to iOS that will resolve the issue shortly.

Steps to Reproduce:
1) Visit http://majorsecurity.net/html5/ios51-demo.html with Safari on iOS 5.1
2) Click the "demo" button
3) Safari will open a new window with "http://www.apple.com" in the address bar, but in fact "http://www.apple.com" is being displayed inside an iframe within the host http://www.majorsecurity.net
4) Safari's address bar is showing "http://www.apple.com" which makes the user believe he/she is currently visiting Apple.com while he's still on the attacker's website.

Read More [via TNW]


Address Bar Spoofing Vulnerability Found in iOS 5.1 Mobile SafariAddress Bar Spoofing Vulnerability Found in iOS 5.1 Mobile Safari

Lostmon - March 22, 2012 at 10:53pm
I have discovered and reported this vuln in safari for windows in 12/03/2011. http://lostmon.blogspot.com
Lostmon - March 23, 2012 at 1:53pm
http://lostmon.blogspot.com/2012/03/safari-for-windows-and-ios-url-weakness.html
Jeremy - March 22, 2012 at 7:18pm
I have 4.3.3 and it does the same thing so this has been around for a long time just no one cought it
Rollback - March 22, 2012 at 2:56pm
Seems to still be exploitable in 5.0.1:\
Robert - March 22, 2012 at 1:50pm
That´s no good!
Recent