|
|
CVE Reference: CVE-2005-0237 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2005-0237 |
|
|
Description: The International Domain Name (IDN) support in Konqueror 3.2.1 on KDE 3.2.1 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/19236 SAID Secunia Advisory: SA14162 REDHAT http://www.redhat.com/support/errata/RHSA-2005-325.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10671 MISC http://www.shmoo.com/idn/homograph.txt http://www.shmoo.com/idn MANDRAKE http://www.mandriva.com/security/advisories?name=MDKSA-2005:058 FULLDISC http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031460.html http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html FEDORA http://www.securityfocus.com/archive/1/archive/1/427976/100/0/threaded CONFIRM http://www.kde.org/info/security/advisory-20050316-2.txt BID 12461 |
|
| Return to the previous page. |
