Unrated severityNVD Advisory· Published Apr 28, 2008· Updated Jun 16, 2026
CVE-2008-1999
CVE-2008-1999
Description
Apple Safari 3.1.1 allows remote attackers to spoof the address bar by placing many "invisible" characters in the userinfo subcomponent of the authority component of the URL (aka the user field), as demonstrated by %E3%80%80 sequences.
Affected products
2cpe:2.3:a:apple:safari:3.1.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:apple:safari:3.1.1:*:*:*:*:*:*:*
- (no CPE)range: 3.1.1
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.