Lucene search

K

RedhatCVELIST:CVE-2005-0233

HistoryFeb 07, 2005 - 5:00 a.m.

CVE-2005-0233

2005-02-0705:00:00

redhat

www.cve.org

8

AI Score

6.2

Confidence

High

EPSS

0.939

Percentile

99.2%

The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.

References

lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html

marc.info/?l=bugtraq&m=110782704923280&w=2

www.gentoo.org/security/en/glsa/glsa-200503-10.xml

www.gentoo.org/security/en/glsa/glsa-200503-30.xml

www.mozilla.org/security/announce/mfsa2005-29.html

www.novell.com/linux/security/advisories/2005_16_mozilla_firefox.html

www.redhat.com/support/errata/RHSA-2005-176.html

www.redhat.com/support/errata/RHSA-2005-384.html

www.securityfocus.com/bid/12461

www.shmoo.com/idn

www.shmoo.com/idn/homograph.txt

exchange.xforce.ibmcloud.com/vulnerabilities/19236

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100029

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11229

AI Score

6.2

Confidence

High

EPSS

0.939

Percentile

99.2%

Related for CVELIST:CVE-2005-0233

nvd2 ubuntucve2 checkpoint_advisories1 cve2 prion1 cvelist1 nessus12 securityvulns1 suse2 redhat3 openvas5 gentoo2 centos2 ubuntu1