CVE Vulnerabilities

CVE-2005-0233

Published: Feb 08, 2005 | Modified: Feb 28, 2022
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.

Affected Software

Name Vendor Start Version End Version
Camino Mozilla 0.8.5 (including) 0.8.5 (including)
Firefox Mozilla 1.0 (including) 1.0 (including)
Mozilla Mozilla * 1.7.6 (excluding)
Omniweb Omnigroup 5 (including) 5 (including)
Opera_browser Opera * 7.54 (including)
Opera_web_browser Opera_software 7.54 (including) 7.54 (including)
Red Hat Enterprise Linux 2.1 RedHat galeon *
Red Hat Enterprise Linux 2.1 RedHat mozilla *
Red Hat Enterprise Linux 3 RedHat mozilla *
Red Hat Enterprise Linux 4 RedHat firefox-0:1.0.1-1.4.3 *
Mozilla Ubuntu dapper *
Mozilla Ubuntu edgy *

References