Secunia
Login
|
|
CVE Reference: CVE-2009-1834 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2009-1834 |
|
|
Description: Visual truncation vulnerability in netwerk/dns/src/nsIDNService.cpp in Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 allows remote attackers to spoof the location bar via an IDN with invalid Unicode characters that are displayed as whitespace, as demonstrated by the \u115A through \u115E characters. |
|
|
CVE Status: Candidate |
|
|
References: SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1 SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.372468 SAID Secunia Advisory: SA35431 Secunia Advisory: SA35439 Secunia Advisory: SA35331 Secunia Advisory: SA35468 Secunia Advisory: SA35415 REDHAT OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10436 OSVDB 55162 FEDORA DEBIAN http://www.debian.org/security/2009/dsa-1820 CONFIRM http://www.mozilla.org/security/announce/2009/mfsa2009-25.html BID 35388 35326 |
|
| Return to the previous page. |
