cve-2005-0235
Vulnerability from cvelistv5
Published
2005-02-07 05:00
Modified
2024-08-07 21:05
Severity ?
Summary
The International Domain Name (IDN) support in Opera 7.54 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.
References
secalert@redhat.comhttp://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.htmlBroken Link, Exploit, Vendor Advisory
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=110782704923280&w=2Mailing List
secalert@redhat.comhttp://www.novell.com/linux/security/advisories/2005_31_opera.htmlBroken Link
secalert@redhat.comhttp://www.securityfocus.com/bid/12461Broken Link, Third Party Advisory, VDB Entry
secalert@redhat.comhttp://www.shmoo.com/idnBroken Link, Exploit
secalert@redhat.comhttp://www.shmoo.com/idn/homograph.txtBroken Link
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/19236Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.htmlBroken Link, Exploit, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=110782704923280&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2005_31_opera.htmlBroken Link
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/12461Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.shmoo.com/idnBroken Link, Exploit
af854a3a-2127-422b-91ae-364da2661108http://www.shmoo.com/idn/homograph.txtBroken Link
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/19236Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:05:25.464Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.shmoo.com/idn/homograph.txt"
          },
          {
            "name": "multiple-browsers-idn-spoof(19236)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19236"
          },
          {
            "name": "20050206 state of homograph attacks",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.shmoo.com/idn"
          },
          {
            "name": "SUSE-SA:2005:031",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_31_opera.html"
          },
          {
            "name": "20050208 International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs.",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=110782704923280\u0026w=2"
          },
          {
            "name": "12461",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12461"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-02-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The International Domain Name (IDN) support in Opera 7.54 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.shmoo.com/idn/homograph.txt"
        },
        {
          "name": "multiple-browsers-idn-spoof(19236)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19236"
        },
        {
          "name": "20050206 state of homograph attacks",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.shmoo.com/idn"
        },
        {
          "name": "SUSE-SA:2005:031",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_31_opera.html"
        },
        {
          "name": "20050208 International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs.",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=110782704923280\u0026w=2"
        },
        {
          "name": "12461",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12461"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2005-0235",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The International Domain Name (IDN) support in Opera 7.54 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.shmoo.com/idn/homograph.txt",
              "refsource": "MISC",
              "url": "http://www.shmoo.com/idn/homograph.txt"
            },
            {
              "name": "multiple-browsers-idn-spoof(19236)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19236"
            },
            {
              "name": "20050206 state of homograph attacks",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html"
            },
            {
              "name": "http://www.shmoo.com/idn",
              "refsource": "MISC",
              "url": "http://www.shmoo.com/idn"
            },
            {
              "name": "SUSE-SA:2005:031",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2005_31_opera.html"
            },
            {
              "name": "20050208 International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs.",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=110782704923280\u0026w=2"
            },
            {
              "name": "12461",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/12461"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-0235",
    "datePublished": "2005-02-07T05:00:00",
    "dateReserved": "2005-02-07T00:00:00",
    "dateUpdated": "2024-08-07T21:05:25.464Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"7.54\", \"matchCriteriaId\": \"BFE75E76-E20D-47A4-9603-0AF46F733AEF\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The International Domain Name (IDN) support in Opera 7.54 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.\"}]",
      "id": "CVE-2005-0235",
      "lastModified": "2024-11-20T23:54:41.830",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:P/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2005-05-02T04:00:00.000",
      "references": "[{\"url\": \"http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Broken Link\", \"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=110782704923280\u0026w=2\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://www.novell.com/linux/security/advisories/2005_31_opera.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.securityfocus.com/bid/12461\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.shmoo.com/idn\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Broken Link\", \"Exploit\"]}, {\"url\": \"http://www.shmoo.com/idn/homograph.txt\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/19236\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=110782704923280\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://www.novell.com/linux/security/advisories/2005_31_opera.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.securityfocus.com/bid/12461\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.shmoo.com/idn\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Exploit\"]}, {\"url\": \"http://www.shmoo.com/idn/homograph.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/19236\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2005-0235\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2005-05-02T04:00:00.000\",\"lastModified\":\"2024-11-20T23:54:41.830\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The International Domain Name (IDN) support in Opera 7.54 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.54\",\"matchCriteriaId\":\"BFE75E76-E20D-47A4-9603-0AF46F733AEF\"}]}]}],\"references\":[{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=110782704923280\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.novell.com/linux/security/advisories/2005_31_opera.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/12461\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.shmoo.com/idn\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Exploit\"]},{\"url\":\"http://www.shmoo.com/idn/homograph.txt\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/19236\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=110782704923280\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.novell.com/linux/security/advisories/2005_31_opera.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/12461\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.shmoo.com/idn\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Exploit\"]},{\"url\":\"http://www.shmoo.com/idn/homograph.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/19236\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.