18 matches found
EUVD-2005-0238
Malware in sbrugna...
SUSE CVE-2005-2871
Buffer overflow in the International Domain Name IDN support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a hostname with all "soft" hyphens character 0xAD, which is not...
openSUSE Security Update : vlc (openSUSE-SU-2014:0315-1)
VLC was updated to version 2.1.3 bnc864422 : + Core : - Fix broken behaviour with SOCKSv5 proxies - Fix integer overflow on error when using vlcreaddir + Access : - Fix DVB-T2 tuning on Linux. - Fix encrypted DVD playback. - Fix v4l2 frequency conversion. + Decoders : - Fix numerous issues M2TS,...
CVE-2012-3693
Incomplete blacklist vulnerability in WebKit in Apple Safari before 6.0 allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, by leveraging the availability of IDN support and Unicode fonts to construct unspecified homoglyphs...
Design/Logic Flaw
Incomplete blacklist vulnerability in WebKit in Apple Safari before 6.0 allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, by leveraging the availability of IDN support and Unicode fonts to construct unspecified homoglyphs...
CVE-2012-3693
Incomplete blacklist vulnerability in WebKit in Apple Safari before 6.0 allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, by leveraging the availability of IDN support and Unicode fonts to construct unspecified homoglyphs...
Fedora 8 : bind-9.5.0-20.b1.fc8 (2007-4655)
bind-chroot-admin called restorecon on /proc filesystem 405281 - 9.5.0b1 release 405281, 392491 - stop with initscript will fail if rndc was disabled 417431 - fixed IDN support in dig and host utilities 412241 - added dst/gssapi.h to -devel subpackage 419091 - CVE-2007-6283 - /etc/rndc.key file...
Code injection
WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, does not properly handle the interaction between International Domain Name IDN support and Unicode fonts, which allows remote attackers to create a URL containing "look-alike characters" homographs and possibly perform...
FreeBSD : firefox & mozilla -- buffer overflow vulnerability (8665ebb9-2237-11da-978e-0001020eed82)
Tom Ferris reports : A buffer overflow vulnerability exists within Firefox version 1.0.6 and all other prior versions which allows for an attacker to remotely execute arbitrary code on an affected host. The problem seems to be when a hostname which has all dashes causes the NormalizeIDN call in...
security flaw
Buffer overflow in the International Domain Name IDN support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a hostname with all "soft" hyphens character 0xAD, which is not...
firefox & mozilla -- buffer overflow vulnerability
Tom Ferris reports: A buffer overflow vulnerability exists within Firefox version 1.0.6 and all other prior versions which allows for an attacker to remotely execute arbitrary code on an affected host. The problem seems to be when a hostname which has all dashes causes the NormalizeIDN call in...
CVE-2005-0238
The International Domain Name IDN support in Epiphany allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks...
CVE-2005-0238
The International Domain Name IDN support in Epiphany allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks...
CVE-2005-0234
The International Domain Name IDN support in Safari 1.2.5 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks...
CVE-2005-0236
The International Domain Name IDN support in Omniweb 5 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks...
Mandrake Linux Security Advisory : kdelibs (MDKSA-2005:058)
A vulnerability in dcopserver was discovered by Sebastian Krahmer of the SUSE security team. A local user can lock up the dcopserver of other users on the same machine by stalling the DCOP authentication process, causing a local Denial of Service. dcopserver is the KDE Desktop Communication...
CVE-2005-0236
The International Domain Name IDN support in Omniweb 5 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks...
CVE-2005-0234
The International Domain Name IDN support in Safari 1.2.5 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks...