CVE-2005-0233

{"id": "CVE-2005-0233", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2005-02-08T05:00:00.000", "references": [{"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html", "tags": ["Broken Link", "Exploit", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://marc.info/?l=bugtraq&m=110782704923280&w=2", "tags": ["Mailing List"], "source": "secalert@redhat.com"}, {"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-10.xml", "tags": ["Exploit", "Patch", "Third Party Advisory", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml", "tags": ["Exploit", "Patch", "Third Party Advisory", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.mozilla.org/security/announce/mfsa2005-29.html", "tags": ["Exploit", "Patch", "Third Party Advisory", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.novell.com/linux/security/advisories/2005_16_mozilla_firefox.html", "tags": ["Broken Link", "Exploit", "Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2005-176.html", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2005-384.html", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/12461", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.shmoo.com/idn", "tags": ["Broken Link", "Exploit", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.shmoo.com/idn/homograph.txt", "tags": ["Broken Link", "Exploit", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19236", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100029", "tags": ["Tool Signature"], "source": "secalert@redhat.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11229", "tags": ["Tool Signature"], "source": "secalert@redhat.com"}, {"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html", "tags": ["Broken Link", "Exploit", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://marc.info/?l=bugtraq&m=110782704923280&w=2", "tags": ["Mailing List"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-10.xml", "tags": ["Exploit", "Patch", "Third Party Advisory", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml", "tags": ["Exploit", "Patch", "Third Party Advisory", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.mozilla.org/security/announce/mfsa2005-29.html", "tags": ["Exploit", "Patch", "Third Party Advisory", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.novell.com/linux/security/advisories/2005_16_mozilla_firefox.html", "tags": ["Broken Link", "Exploit", "Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.redhat.com/support/errata/RHSA-2005-176.html", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.redhat.com/support/errata/RHSA-2005-384.html", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/12461", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.shmoo.com/idn", "tags": ["Broken Link", "Exploit", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.shmoo.com/idn/homograph.txt", "tags": ["Broken Link", "Exploit", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19236", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100029", "tags": ["Tool Signature"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11229", "tags": ["Tool Signature"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks."}], "lastModified": "2024-11-20T23:54:41.610", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:camino:0.8.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D044E602-45A5-4B14-8B16-B0978D985027"}, {"criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6"}, {"criteria": "cpe:2.3:a:mozilla:mozilla:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6F232DA-F897-4429-922E-F5CFF865A8AA", "versionEndExcluding": "1.7.6"}, {"criteria": "cpe:2.3:a:omnigroup:omniweb:5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ECD3E937-C813-4564-9E3C-D009D39E8A8B"}, {"criteria": "cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BFE75E76-E20D-47A4-9603-0AF46F733AEF", "versionEndIncluding": "7.54"}, {"criteria": "cpe:2.3:a:opera_software:opera_web_browser:7.54:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "142EB1E3-2918-4792-83D7-9D7B6A3BD26B"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}