Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2005-0233 | First vendor Publication | 2005-02-08 |
Vendor | Cve | Last vendor Modification | 2022-02-28 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0233 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:100029 | |||
Oval ID: | oval:org.mitre.oval:def:100029 | ||
Title: | Mozilla IDN Homograph Spoofing Vulnerability | ||
Description: | The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2005-0233 | Version: | 5 |
Platform(s): | Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | mozilla Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11229 | |||
Oval ID: | oval:org.mitre.oval:def:11229 | ||
Title: | The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks. | ||
Description: | The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0233 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2008-09-24 | Name : Gentoo Security Advisory GLSA 200503-10 (Firefox) File : nvt/glsa_200503_10.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200503-30 (Mozilla) File : nvt/glsa_200503_30.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
13578 | Mozilla Multiple Browser International Domain Name (IDN) Punycode Encoded Dom... |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Mozilla Products IDN Spoofing Vulnerability Attempt RuleID : 17409 - Revision : 12 - Type : BROWSER-FIREFOX |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2006-07-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-384.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-149-3.nasl - Type : ACT_GATHER_INFO |
2005-10-24 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_016.nasl - Type : ACT_GATHER_INFO |
2005-09-12 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-249.nasl - Type : ACT_GATHER_INFO |
2005-05-19 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-248.nasl - Type : ACT_GATHER_INFO |
2005-04-29 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-384.nasl - Type : ACT_GATHER_INFO |
2005-04-12 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_022.nasl - Type : ACT_GATHER_INFO |
2005-03-25 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200503-30.nasl - Type : ACT_GATHER_INFO |
2005-03-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-335.nasl - Type : ACT_GATHER_INFO |
2005-03-17 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-058.nasl - Type : ACT_GATHER_INFO |
2005-03-06 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200503-10.nasl - Type : ACT_GATHER_INFO |
2005-03-02 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-176.nasl - Type : ACT_GATHER_INFO |
2005-02-25 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_101.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2024-02-02 01:02:52 |
|
2024-02-01 12:01:38 |
|
2023-09-05 12:02:43 |
|
2023-09-05 01:01:30 |
|
2023-09-02 12:02:45 |
|
2023-09-02 01:01:30 |
|
2023-08-12 12:03:18 |
|
2023-08-12 01:01:30 |
|
2023-08-11 12:02:51 |
|
2023-08-11 01:01:32 |
|
2023-08-06 12:02:39 |
|
2023-08-06 01:01:31 |
|
2023-08-04 12:02:43 |
|
2023-08-04 01:01:32 |
|
2023-07-14 12:02:41 |
|
2023-07-14 01:01:32 |
|
2023-03-29 01:02:46 |
|
2023-03-28 12:01:36 |
|
2022-10-11 12:02:24 |
|
2022-10-11 01:01:24 |
|
2022-03-02 01:02:02 |
|
2022-03-01 00:23:26 |
|
2022-02-28 21:23:20 |
|
2021-05-04 12:02:45 |
|
2021-04-22 01:02:57 |
|
2020-05-23 00:16:18 |
|
2017-10-11 09:23:28 |
|
2017-07-11 12:01:48 |
|
2016-10-18 12:01:34 |
|
2016-04-26 13:15:22 |
|
2014-02-17 10:29:56 |
|
2014-01-19 21:22:32 |
|
2013-05-11 11:20:43 |
|