Home Corporate Website Jobs Mailing Lists RSS Blog New entry Advertise
	Software Inspectors   Scan Online   Personal (PSI)   Network (NSI 2.0)   - NEW - Solutions For   Security Professionals   Security Vendors Free Solutions For   Open Communities   Journalists & Media Secunia Advisories   Search   Historic Advisories   Listed By Product   Listed By Vendor   Statistics / Graphs   Secunia Research   Report Vulnerability   About Advisories Virus Information   Chronological List   Last 10 Virus Alerts   About Virus Information Secunia Customers   Customer Area CVE Reference: CVE-2005-0233 NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. Original Page at CVE MITRE: CVE-2005-0233 Description: The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks. CVE Status: Candidate References: XF   http://xforce.iss.net/xforce/xfdb/19236 SUSE   http://www.novell.com/linux/security/advisories/2005_16_mozilla_firefox.html REDHAT   http://www.redhat.com/support/errata/RHSA-2005-384.html   http://www.redhat.com/support/errata/RHSA-2005-176.html OVAL   http://oval.mitre.org/oval/definitions/data/oval100029.html MISC   http://www.shmoo.com/idn/homograph.txt   http://www.shmoo.com/idn GENTOO   http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml   http://www.gentoo.org/security/en/glsa/glsa-200503-10.xml FULLDISC   http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html CONFIRM   http://www.mozilla.org/security/announce/mfsa2005-29.html BUGTRAQ   http://marc.theaimsgroup.com/?l=bugtraq&m=110782704923280&w=2 BID   12461 Return to the previous page. Secunia PSI Scan | Patch | Track Free Download Secunia Poll Do you think it's important to read Setup/User Guides for applications for use within your network? Yes, I do it all the time Yes, but I do it rarely No See Results    Most Popular Advisories 1. Microsoft Windows XP I2O Utility Filter Driver Privilege Escalation 2. Citrix Access Gateway Unspecified Authentication Bypass 3. Novell Client Login Long Username/Contex t Buffer Overflow 4. Kmita Mail "file" File Inclusion Vulnerability 5. Debian update for kernel 6. Gentoo update for aterm, eterm, rxvt, mrxvt, multi-aterm, wterm, and rxvt-unicode 7. rxvt-unicode X11 Display Security Issue 8. mrxvt X11 Display Security Issue 9. Internet Explorer "DisableCaching OfSSLPages" Weakness 10. wterm X11 Display Security Issue
Vulnerability Management - Terms & Conditions - Copyright 2002-2008 Secunia - Compliance - Contact Secunia