CVE-2005-0233

2005-02-0805:00:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.2

Confidence

High

EPSS

0.939

Percentile

99.2%

JSON

The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.

Affected configurations

Nvd

Node

mozillacaminoMatch0.8.5

mozillafirefoxMatch1.0

mozillamozillaRange<1.7.6

omnigroupomniwebMatch5

operaopera_browserRange≤7.54

opera_softwareopera_web_browserMatch7.54

VendorProductVersionCPE
mozillacamino0.8.5cpe:2.3:a:mozilla:camino:0.8.5:*:*:*:*:*:*:*
mozillafirefox1.0cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
mozillamozilla*cpe:2.3:a:mozilla:mozilla:*:*:*:*:*:*:*:*
omnigroupomniweb5cpe:2.3:a:omnigroup:omniweb:5:*:*:*:*:*:*:*
operaopera_browser*cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*
opera_softwareopera_web_browser7.54cpe:2.3:a:opera_software:opera_web_browser:7.54:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mozilla	camino	0.8.5	cpe:2.3:a:mozilla:camino:0.8.5:::::::*
mozilla	firefox	1.0	cpe:2.3:a:mozilla:firefox:1.0:::::::*
mozilla	mozilla	*	cpe:2.3:a:mozilla:mozilla::::::::
omnigroup	omniweb	5	cpe:2.3:a:omnigroup:omniweb:5:::::::*
opera	opera_browser	*	cpe:2.3:a:opera:opera_browser::::::::
opera_software	opera_web_browser	7.54	cpe:2.3:a:opera_software:opera_web_browser:7.54:::::::*