The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.
References
Configurations
Configuration 1 (hide)
|
History
28 Feb 2022, 17:41
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:mozilla:mozilla:1.0:rc1:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:1.4:alpha:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:1.5:*:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:0.9.5:*:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:0.9.6:*:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:0.9.7:*:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:1.4.4:*:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:1.4:*:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:0.9.2.1:*:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:1.0:rc2:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:0.9.35:*:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:1.0.1:*:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:1.3.1:*:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:1.0:*:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:1.2.1:*:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:1.1:alpha:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:0.9.2:*:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:0.8:*:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:0.9.48:*:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:1.4.1:*:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:0.9.4.1:*:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:1.2:beta:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:1.2:*:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:1.4.2:*:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:0.9.4:*:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:0.9.3:*:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:1.1:*:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:1.0.2:*:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:1.4:beta:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:1.1:beta:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:1.2:alpha:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:0.9.9:*:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:1.5.1:*:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:1.3:*:*:*:*:*:*:* cpe:2.3:a:mozilla:mozilla:0.9.8:*:*:*:*:*:*:* |
cpe:2.3:a:mozilla:mozilla:*:*:*:*:*:*:*:* cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:* |
References | (GENTOO) http://www.gentoo.org/security/en/glsa/glsa-200503-10.xml - Exploit, Patch, Third Party Advisory, Vendor Advisory | |
References | (MISC) http://www.shmoo.com/idn/homograph.txt - Broken Link, Exploit, Vendor Advisory | |
References | (BUGTRAQ) http://marc.info/?l=bugtraq&m=110782704923280&w=2 - Mailing List | |
References | (FULLDISC) http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html - Broken Link, Exploit, Vendor Advisory | |
References | (REDHAT) http://www.redhat.com/support/errata/RHSA-2005-384.html - Broken Link | |
References | (REDHAT) http://www.redhat.com/support/errata/RHSA-2005-176.html - Broken Link | |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/19236 - Third Party Advisory, VDB Entry | |
References | (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11229 - Tool Signature | |
References | (GENTOO) http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml - Exploit, Patch, Third Party Advisory, Vendor Advisory | |
References | (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100029 - Tool Signature | |
References | (MISC) http://www.shmoo.com/idn - Broken Link, Exploit, Vendor Advisory | |
References | (BID) http://www.securityfocus.com/bid/12461 - Broken Link, Third Party Advisory, VDB Entry | |
References | (CONFIRM) http://www.mozilla.org/security/announce/mfsa2005-29.html - Exploit, Patch, Third Party Advisory, Vendor Advisory | |
References | (SUSE) http://www.novell.com/linux/security/advisories/2005_16_mozilla_firefox.html - Broken Link, Exploit, Patch, Vendor Advisory | |
CWE | NVD-CWE-noinfo | |
First Time |
Opera
Opera opera Browser |
Information
Published : 2005-02-08 05:00
Updated : 2023-12-10 10:28
NVD link : CVE-2005-0233
Mitre link : CVE-2005-0233
CVE.ORG link : CVE-2005-0233
JSON object : View
Products Affected
mozilla
- mozilla
- camino
- firefox
opera
- opera_browser
opera_software
- opera_web_browser
omnigroup
- omniweb
CWE