Safari on Apple iPhone prior to 2.0 and iPod touch prior to 2.0 allows remote malicious users to spoof the address bar via Unicode ideographic spaces in the URL.
Debian Bug report logs -
#535793
webkit: deluge of security vulnerabilities
Package:
webkit;
Maintainer for webkit is (unknown);
Reported by: Michael S Gilbert <michaelsgilbert@gmailcom>
Date: Sun, 5 Jul 2009 05:18:04 UTC
Severity: grave
Tags: fixed-upstream, security
Found in version 101-4
Fixed in version 1121-1 ...