Domain Name Spoofing Vulnerability in Mozilla Products
CVE-2005-0233

Currently unrated

Key Information:

Vendor: Opera Software
Status: Opera Web Browser; Firefox; Camino; Omniweb
Vendor: CVE Published:; 8 February 2005

Summary

The vulnerability in Mozilla's IDN support allows attackers to exploit punycode encoded domain names, facilitating the creation of misleading URLs. By cleverly using homograph characters from different scripts, attackers can design URLs that appear legitimate but lead users to malicious websites. This vulnerability poses a significant risk to users, as it can easily be leveraged for phishing attacks aimed at compromising sensitive information.

References

http://www.shmoo.com/idn/homograph.txt

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/19236

vdb-entryx_refsource_XF

http://lists.grok.org.uk/pipermail/full-disclosure/2005-F...

mailing-listx_refsource_FULLDISC

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 8, 2005
Vulnerability Reserved
Feb 7, 2005