Security specialist Secunia is warning users of Safari and Konqueror Embedded Web browser of a vulnerability that can be exploited by hackers.

The warning, which has not yet been confirmed by Apple, warns that both browsers fail to validate SSL certificates correctly, by not validating their Common Name, meaning hackers can spoof SSL sites.

Secunia says: "SSL serves two main purposes. One is to ensure the authenticity of the server, with which you are communicating, the other is to provide encrypted communication. The authenticity is completely broken when the Common Name isn't verified, since users can't know if they are communicating with the host in the address bar."

There have been no specific reports of spoofing as a result of the vulnerability.