CVE-2005-0233

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html", "name": "20050206 state of homograph attacks", "tags": ["Broken Link", "Exploit", "Vendor Advisory"], "refsource": "FULLDISC"}, {"url": "http://www.shmoo.com/idn", "name": "http://www.shmoo.com/idn", "tags": ["Broken Link", "Exploit", "Vendor Advisory"], "refsource": "MISC"}, {"url": "http://www.shmoo.com/idn/homograph.txt", "name": "http://www.shmoo.com/idn/homograph.txt", "tags": ["Broken Link", "Exploit", "Vendor Advisory"], "refsource": "MISC"}, {"url": "http://www.mozilla.org/security/announce/mfsa2005-29.html", "name": "http://www.mozilla.org/security/announce/mfsa2005-29.html", "tags": ["Exploit", "Patch", "Third Party Advisory", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-10.xml", "name": "GLSA-200503-10", "tags": ["Exploit", "Patch", "Third Party Advisory", "Vendor Advisory"], "refsource": "GENTOO"}, {"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml", "name": "GLSA-200503-30", "tags": ["Exploit", "Patch", "Third Party Advisory", "Vendor Advisory"], "refsource": "GENTOO"}, {"url": "http://www.novell.com/linux/security/advisories/2005_16_mozilla_firefox.html", "name": "SUSE-SA:2005:016", "tags": ["Broken Link", "Exploit", "Patch", "Vendor Advisory"], "refsource": "SUSE"}, {"url": "http://www.redhat.com/support/errata/RHSA-2005-176.html", "name": "RHSA-2005:176", "tags": ["Broken Link"], "refsource": "REDHAT"}, {"url": "http://www.redhat.com/support/errata/RHSA-2005-384.html", "name": "RHSA-2005:384", "tags": ["Broken Link"], "refsource": "REDHAT"}, {"url": "http://www.securityfocus.com/bid/12461", "name": "12461", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "refsource": "BID"}, {"url": "http://marc.info/?l=bugtraq&m=110782704923280&w=2", "name": "20050208 International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs.", "tags": ["Mailing List"], "refsource": "BUGTRAQ"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19236", "name": "multiple-browsers-idn-spoof(19236)", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "XF"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11229", "name": "oval:org.mitre.oval:def:11229", "tags": ["Tool Signature"], "refsource": "OVAL"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100029", "name": "oval:org.mitre.oval:def:100029", "tags": ["Tool Signature"], "refsource": "OVAL"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2005-0233", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2005-02-08T05:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:mozilla:camino:0.8.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:mozilla:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "1.7.6"}, {"cpe23Uri": "cpe:2.3:a:omnigroup:omniweb:5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "7.54"}, {"cpe23Uri": "cpe:2.3:a:opera_software:opera_web_browser:7.54:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2022-02-28T17:41Z"}