CVE-2005-0235

 

Published at: - 02-05-2005 06:00

Last modified: - 06-10-2022 02:13

Total changes: - 3

Description

The International Domain Name (IDN) support in Opera 7.54 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.

Common Vulnerability Scoring System (CVSS)

AV:N/AC:L/Au:N/C:N/I:P/A:N

 

Verification logic

 

Reference

• 20050206 state of homograph attacks-Broken Link, Exploit, Vendor Advisory
• http://www.shmoo.com/idn
• http://www.shmoo.com/idn/homograph.txt
• 12461-Broken Link, Third Party Advisory, VDB Entry
• SUSE-SA:2005:031-Broken Link
• 20050208 International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs.-Mailing List
• multiple-browsers-idn-spoof(19236)-Third Party Advisory, VDB Entry

 

Keywords

NVD

 

CVE-2005-0235

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures