Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
URL Address Bar Spoofing in F-Secure SAFE Browser for iOS
Vulnerability Description
An URL Address bar spoofing vulnerability was discovered in Safe Browser for iOS. When user clicks on a specially crafted a malicious URL, if user does not carefully pay attention to url, user may be tricked to think content may be coming from a valid domain, while it comes from another. This is performed by using a very long username part of the url so that user cannot see the domain name. A remote attacker can leverage this to perform url address bar spoofing attack. The fix is, browser no longer shows the user name part in address bar.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
Vulnerability Type
N/A
Vulnerability Title
F-Secure Safe Browser 安全漏洞
Vulnerability Description
F-Secure Safe Browser是芬兰F-Secure公司的一款互联网安全浏览器。用于实时阻止病毒、木马、勒索软件和其他威胁。 F-Secure Safe Browser for iOS 存在安全漏洞,该漏洞源于在 Safe Browser for iOS 中发现了 URL 地址栏欺骗漏洞。 当用户点击一个特制的恶意 URL 时,如果用户不仔细注意 url,用户可能会被欺骗认为内容可能来自一个有效的域,而它来自另一个域。 这是通过使用非常长的 url 用户名部分来执行的,因此用户无法看到域名。
CVSS Information
N/A
Vulnerability Type
N/A