security advisories

FSC-2014-4: Address Bar Spoofing in F-Secure Safe Browser for iOS

Description

An address bar spoofing vulnerability in F-Secure Safe Browser for iOS allows a user to be redirected to a malicious URL when a seemingly legitimate URL is clicked on.
 

Affected Products


Risk Level: Medium (Low/Medium/High/Critical)

  • F-Secure Safe Browser

 

Platforms

Risk Level: Medium (Low/Medium/High/Critical)

  • iOS 

 

Notes

Mitigating Factor

Exploiting the vulnerability requires the user to click on a specially crafted, seemingly legitimate URL containing an embedded malicious redirect while using F-Secure Safe Browser for iOS.

No attacks have been reported in the wild.

 

Fix Available

Product Versions Download
F-Secure Safe Browser for iOS 2.50.201102 Upgrade to version 2.50.201102 from the App Store or download the latest version from https://itunes.apple.com/app/id572847748

Credits

F-Secure Corporation would like to thank Ɓukasz Pilorz for bringing this issue to our attention.

 

Date Issued: 2014-05-19
Date Last Updated: 2014-05-21

Get
Support

For documentation and product support,
visit our support site.

Learn More

F-Secure Community

Give advice. Get advice. Share the knowledge
on our free discussion forum.

Visit Now