3 matches found
Design/Logic Flaw
The Internationalized Domain Names IDN blacklist in Mozilla Firefox 3.0.6 and other versions before 3.0.9; Thunderbird before 2.0.0.21; and SeaMonkey before 1.1.15 does not include box-drawing characters, which allows remote attackers to spoof URLs and conduct phishing attacks, as demonstrated by...
CVE-2009-0652
CVE-2009-0652 describes an IDN spoofing vulnerability where the IDN blacklist in Mozilla Firefox (and related Mozilla apps) failed to exclude box-drawing characters, enabling homoglyph-based phishing in subdomains of a .cn domain. Affected products include Firefox 3.0.6 (and others prior to 3.0.9...
CVE-2009-0652
The Internationalized Domain Names IDN blacklist in Mozilla Firefox 3.0.6 and other versions before 3.0.9; Thunderbird before 2.0.0.21; and SeaMonkey before 1.1.15 does not include box-drawing characters, which allows remote attackers to spoof URLs and conduct phishing attacks, as demonstrated by...