7.5

CVE-2005-0233

Exploit

EPSS 8.58%
Veröffentlicht 08.02.2005 05:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 17

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Mozilla ≫ Camino Version0.8.5

Mozilla ≫ Firefox Version1.0

Mozilla ≫ Mozilla Version < 1.7.6

Omnigroup ≫ Omniweb Version5

Opera ≫ Opera Browser Version <= 7.54

Opera Software ≫ Opera Web Browser Version7.54

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	8.58%	0.915

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://www.gentoo.org/security/en/glsa/glsa-200503-10.xml

Patch

Third Party Advisory

Vendor Advisory

Exploit

http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml

Patch

Third Party Advisory

Vendor Advisory

Exploit

http://www.redhat.com/support/errata/RHSA-2005-176.html

Broken Link

http://www.redhat.com/support/errata/RHSA-2005-384.html

Broken Link

http://www.novell.com/linux/security/advisories/2005_16_mozilla_firefox.html

Patch

Vendor Advisory

Exploit

Broken Link

http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html

Vendor Advisory

Exploit

Broken Link

http://marc.info/?l=bugtraq&m=110782704923280&w=2

Mailing List

http://www.mozilla.org/security/announce/mfsa2005-29.html

Patch

Third Party Advisory

Vendor Advisory

Exploit

http://www.securityfocus.com/bid/12461

Third Party Advisory

Broken Link

VDB Entry

http://www.shmoo.com/idn

Vendor Advisory

Exploit

Broken Link

http://www.shmoo.com/idn/homograph.txt

Vendor Advisory

Exploit

Broken Link

https://exchange.xforce.ibmcloud.com/vulnerabilities/19236

Third Party Advisory

VDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100029

Tool Signature

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11229

Tool Signature

https://nvd.nist.gov/vuln/detail/CVE-2005-0233

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-0233

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-0233

EUVD