Mozilla.Browsers.IDN.Spoofing
Description
This indicates an attempted phishing attack in Mozilla browser, when IDN is supported. It allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates.
Affected Products
Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6
Impact
Privilege escalation.
Recommended Actions
Fedora Legacy advisory FLSA:178606 is available.
Mozilla Firefox Preview Release
Mozilla firefox-1.0.1-source.tar.bz2
Mozilla Firefox 0.9 rc
Mozilla firefox-1.0.1-source.tar.bz2
Mozilla Firefox 0.9.1
Mozilla firefox-1.0.1-source.tar.bz2
Mozilla Browser 1.7
Slackware gaim-1.2.0-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/ gaim-1.2.0-i486-1.tgz
Slackware gaim-1.2.0-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/ gaim-1.2.0-i486-1.tgz
Slackware mozilla-1.7.6-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/ mozilla-1.7.6-i486-1.tgz
Slackware mozilla-1.7.6-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/ mozilla-1.7.6-i486-1.tgz
Slackware mozilla-plugins-1.7.6-noarch-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/ mozilla-plugins-1.7.6-noarch-1.tgz
Slackware mozilla-plugins-1.7.6-noarch-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/ mozilla-plugins-1.7.6-noarch-1.tgz
Apple Mac OS X 10.3.8
Apple SecUpd2005-003Pan.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=05529&plat form=osx&method=sa/SecUpd2005-003Pan.dmg
Apple Mac OS X Server 10.3.8
Apple SecUpdSrvr2005-003Pan.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=05530&plat form=osx&method=sa/SecUpdSrvr2005-003Pan.dmg
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2019-11-22 | 15.729 | Name:Mozilla. Browser. IDN. Spoofing:Mozilla. Browsers. IDN. Spoofing |