Vulnerability in IDN Support of Konqueror 3.2.1 from KDE Allows Domain Name Spoofing
CVE-2005-0237

Currently unrated

Key Information:

Vendor: Kde
Status: Konqueror
Vendor: CVE Published:; 2 May 2005

What is CVE-2005-0237?

The IDN support in Konqueror 3.2.1 on KDE allows attackers to exploit punycode encoded domain names. These domain names can impersonate legitimate sites by utilizing homograph characters from various character sets. This vulnerability can lead to effective phishing attacks, as users may unknowingly interact with malicious sites that appear legitimate in the URLs and SSL certificates.

References

http://www.shmoo.com/idn/homograph.txt

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/19236

vdb-entryx_refsource_XF

http://lists.grok.org.uk/pipermail/full-disclosure/2005-F...

mailing-listx_refsource_FULLDISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 2, 2005
Vulnerability Reserved
Feb 7, 2005

CVE-2005-0237 Data

JSON

Kde

What is CVE-2005-0237?

References

Timeline