A flaw in Safari and other web browsers, including Firefox, Omniweb, Mozilla, Opera and Camino, that leaves users open to a spoofing or phishing attack has been discovered.
This is a serious security issue caused by an inappropriate implementation of IDN (International Domain Name), which permits the use of international characters in domain names.
Click the link below in order to test whether or not your system is vulnerable (the test will open a new window, where the address bar writes http://www.paypal.com, but the page is actually displaying content from Secunia).
You are vulnerable, if a new window is opened displaying a Secunia page, but the address bar is displaying http://www.paypal.com.
Saft Lite is a free Safari plug-in that will fix this problem in waiting for Apple to release a security update. Saft Lite requires Safari version 1.2.4 (v125.12).
There is no workaround known for other browsers.
Comments