Apple Safari Common Name X.509 Certificate Spoofing
Remote / Network Access
Loss of Integrity
Apple Safari browser contains a flaw that may allow a malicious user to spoof certificates. The issue is triggered when a user connects to an SSL enabled webserver which presents a Common Name which is not validated. It is possible that the flaw may allow a malicious website to pose as another resulting in a loss of integrity.
Upgrade to version Safari 1.0 Beta 2 (v74) or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.