Domain Name Spoofing Vulnerability in Epiphany Browser by GNOME
CVE-2005-0238

Currently unrated

Key Information:

Vendor: Gnome
Status: Epiphany; Camino; Omniweb; Opera Browser
Vendor: CVE Published:; 2 May 2005

Summary

The Epiphany browser's International Domain Name (IDN) support contains a vulnerability that allows remote attackers to execute domain name spoofing attacks. By utilizing Punycode encoded domain names, attackers can deceive users by displaying homograph characters from different character sets in URLs and SSL certificates. This manipulation can facilitate phishing attacks, putting users at risk of credential theft and other forms of cyber exploitation.

References

http://www.shmoo.com/idn/homograph.txt

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/19236

vdb-entryx_refsource_XF

http://lists.grok.org.uk/pipermail/full-disclosure/2005-F...

mailing-listx_refsource_FULLDISC

Timeline

Vulnerability published
May 2, 2005
Vulnerability Reserved
Feb 7, 2005