13 matches found
Astra Linux – Vulnerability in Firefox
The use of RTL Arabic characters in the address bar may have allowed for URL spoofing. This vulnerability affects Firefox 115...
URL Spoofing
firefox is vulnerable to URL Spoofing. This occurs due to the use of RTL Arabic characters within the address bar which could lead to URL spoofing...
CVE-2023-37205
The vulnerability CVE-2023-37205 affects Mozilla Firefox (and ESR per related advisories) and is caused by the use of RTL Arabic characters in the address bar, which could allow URL spoofing. Affected versions are Firefox before 115. The risk is described in multiple sources, with Mozilla MFSA ad...
SUSE CVE-2017-7825
Several fonts on OS X display some Tibetan and Arabic characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vulnerability affect...
Latest Apple Text-Bomb Crashes iPhones via Message Notifications
Apple devices are vulnerable to a “text bomb” attack where simply looking at messages or posts containing characters in the Sindhi language can crash devices. Sindhi is an official language used in Pakistan. The bug affects iPhone, iPad, Macs and Apple Watches, and arises from macOS and iOS faili...
CVE-2017-7825
Several fonts on OS X display some Tibetan and Arabic characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vulnerability affect...
CVE-2017-7833
Some Arabic and Indic vowel marker characters can be combined with Latin characters in a domain name to eclipse the non-Latin character with some font sets on the addressbar. The non-Latin character will not be visible to most viewers. This allows for domain spoofing attacks because these combine...
CVE-2017-7825
Several fonts on OS X display some Tibetan and Arabic characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vulnerability affect...
CVE-2017-7833
CVE-2017-7833 affects Mozilla Firefox versions earlier than 57.0. It enables domain spoofing by combining Arabic/Indic vowel markers with Latin characters in a domain name, causing the non-Latin character to be visually eclipsed and not displayed in punycode. Root cause: font/display rendering ma...
CVE-2017-7833
Some Arabic and Indic vowel marker characters can be combined with Latin characters in a domain name to eclipse the non-Latin character with some font sets on the addressbar. The non-Latin character will not be visible to most viewers. This allows for domain spoofing attacks because these combine...
CVE-2017-7833
Some Arabic and Indic vowel marker characters can be combined with Latin characters in a domain name to eclipse the non-Latin character with some font sets on the addressbar. The non-Latin character will not be visible to most viewers. This allows for domain spoofing attacks because these combine...
CVE-2015-1157
CoreText in Apple iOS 8.x through 8.3 allows remote attackers to cause a denial of service reboot and messaging disruption via crafted Unicode text that is not properly handled during display truncation in the Notifications feature, as demonstrated by Arabic characters in 1 an SMS message or 2 a...
This Simple Text Message Can Crash and Reboot Your iPhone
A newly discovered bug in Apple's iOS mobile operating system has emerged this evening that lets iPhone users crash another user’s iPhone by just sending a tiny string of text characters in a message. The bug is related to the Messages app and the notification system used by iPhone and iPad devic...