CVE-2005-0238
published 2005-05-02CVE-2005-0238: The International Domain Name (IDN) support in Epiphany allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in…
PriorityP416medium5CVSS 2.0
AVNACLAuNCNIPAN
EPSS
1.55%
72.0th percentile
The International Domain Name (IDN) support in Epiphany allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | epiphany-browser | < epiphany-browser 1.4.8-2 (bookworm) | epiphany-browser 1.4.8-2 (bookworm) |
| mozilla | camino | — | — |
| mozilla | mozilla | <= 1.6 | — |
| omnigroup | omniweb | — | — |
| opera | opera_browser | <= 7.54 | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:P/A:N
osv5.0MEDIUM
vendor_debian5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2005-0238: epiphany-browser - The International Domain Name (IDN) support in Epiphany allows remote attackers ...
vendor_debian·2005·CVSS 5.0
CVE-2005-0238 [MEDIUM] CVE-2005-0238: epiphany-browser - The International Domain Name (IDN) support in Epiphany allows remote attackers ...
The International Domain Name (IDN) support in Epiphany allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.
Scope: local
bookworm: resolved (fixed in 1.4.8-2)
bullseye: resolved (fixed in 1.4.8-2)
forky: resolved (fixed in 1.4.8-2)
sid: resolved (fixed in 1.4.8-2)
trixie: resolved (fixed in 1.4.8-2)
GHSA
GHSA-x737-2374-jhj3: The International Domain Name (IDN) support in Epiphany allows remote attackers to spoof domain names using punycode encoded domain names that are dec
ghsa_unreviewed·2022-05-01
CVE-2005-0238 [MEDIUM] GHSA-x737-2374-jhj3: The International Domain Name (IDN) support in Epiphany allows remote attackers to spoof domain names using punycode encoded domain names that are dec
The International Domain Name (IDN) support in Epiphany allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.
OSV
CVE-2005-0238: The International Domain Name (IDN) support in Epiphany allows remote attackers to spoof domain names using punycode encoded domain names that are dec
osv·2005-05-02·CVSS 5.0
CVE-2005-0238 [MEDIUM] CVE-2005-0238: The International Domain Name (IDN) support in Epiphany allows remote attackers to spoof domain names using punycode encoded domain names that are dec
The International Domain Name (IDN) support in Epiphany allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
CAPEC
Homograph Attack via Homoglyphs
mitre_capec
[MEDIUM] Homograph Attack via Homoglyphs
CAPEC-632: Homograph Attack via Homoglyphs
An adversary registers a domain name containing a homoglyph, leading the registered domain to appear the same as a trusted domain. A homograph attack leverages the fact that different characters among various character sets look the same to the user. Homograph attacks must generally be combined with other attacks, such as phishing attacks, in order to direct Internet traffic to the adversary-controlled destinations.
Alternate Terms: Homoglyph Attack
Execution Flow:
Step 1 [Explore]: [Determine target website] The adversary first determines which website to impersonate, generally one that is trusted and receives a consistent amount of traffic.
Technique: Research popular or high traffic websites.
Step 2 [Experiment]: [Impersonate trusted domain]
http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.htmlhttp://www.securityfocus.com/bid/12461http://www.shmoo.com/idnhttp://www.shmoo.com/idn/homograph.txthttps://bugzilla.redhat.com/beta/show_bug.cgi?id=147399https://exchange.xforce.ibmcloud.com/vulnerabilities/19236http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.htmlhttp://www.securityfocus.com/bid/12461http://www.shmoo.com/idnhttp://www.shmoo.com/idn/homograph.txthttps://bugzilla.redhat.com/beta/show_bug.cgi?id=147399https://exchange.xforce.ibmcloud.com/vulnerabilities/19236
2005-05-02
Published