CVE-2005-0233
Mozilla Camino .8.5 and Firefox 1.0 - Domain Spoofing via Punycode Homograph Attack
Title source: llmDescription
The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.
References (14)
Core 14
Core References
Broken Link, Exploit, Vendor Advisory x_refsource_misc
http://www.shmoo.com/idn/homograph.txt
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/19236
Broken Link, Exploit, Vendor Advisory mailing-list
x_refsource_fulldisc
http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html
Broken Link, Exploit, Vendor Advisory x_refsource_misc
http://www.shmoo.com/idn
Broken Link, Exploit, Patch, Vendor Advisory vendor-advisory
x_refsource_suse
http://www.novell.com/linux/security/advisories/2005_16_mozilla_firefox.html
Tool Signature vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11229
Tool Signature vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100029
Broken Link vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2005-176.html
Broken Link vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2005-384.html
Exploit, Patch, Third Party Advisory, Vendor Advisory vendor-advisory
x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml
Exploit, Patch, Third Party Advisory, Vendor Advisory vendor-advisory
x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200503-10.xml
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=110782704923280&w=2
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/12461
Exploit, Patch, Third Party Advisory, Vendor Advisory x_refsource_confirm
http://www.mozilla.org/security/announce/mfsa2005-29.html
Scores
EPSS
0.0858
EPSS Percentile
92.5%
Details
Status
published
Products (6)
mozilla/camino
0.8.5
mozilla/firefox
1.0
mozilla/mozilla
< 1.7.6
omnigroup/omniweb
5
opera/opera_browser
< 7.54
opera_software/opera_web_browser
7.54
Published
Feb 08, 2005
Tracked Since
Feb 18, 2026