Short Name |
HTTP:FIREFOX-IDN-SPOOF
|
Severity |
Medium
|
Recommended |
No
|
Category |
HTTP
|
Keywords |
Mozilla Products IDN Spoofing Vulnerability
|
Release Date |
2013/06/13
|
Update Number |
2273
|
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vsrx-12.1+
|
HTTP: Mozilla Products IDN Spoofing Vulnerability
This signature detects foreign characters in a hostname. Attackers can register a domain name that uses non-Latin international characters, then use the hostname to disguise the actual URL of a malicious Web site.
Extended Description
Multiple browsers are reported prone to vulnerabilities that surround the handling of International Domain Names.
The vulnerabilities are caused by inconsistencies in how International Domain Names are processed. Reports indicate that attackers can leverage this to spoof address bars, status bars, and SSL certificate values.
Remote attackers may exploit these vulnerabilities in phishing-style attacks. Through a false sense of trust, users may voluntarily disclose sensitive information to a malicious website.
Although these vulnerabilities are reported to affect browsers, mail clients that depend on the browser to generate HTML code may also be affected.
Affected Products
- ALT Linux ALT Linux Compact 2.3.0
- ALT Linux ALT Linux Junior 2.3.0
- Apple Mac OS X 10.0.0
- Apple Mac OS X 10.0.0 3
- Apple Mac OS X 10.0.1
- Apple Mac OS X 10.0.2
- Apple Mac OS X 10.0.3
- Apple Mac OS X 10.0.4
- Apple Mac OS X 10.1.0
- Apple Mac OS X 10.1.1
- Apple Mac OS X 10.1.2
- Apple Mac OS X 10.1.3
- Apple Mac OS X 10.1.4
- Apple Mac OS X 10.1.5
- Apple Mac OS X 10.2.0
- Apple Mac OS X 10.2.1
- Apple Mac OS X 10.2.2
- Apple Mac OS X 10.2.3
- Apple Mac OS X 10.2.4
- Apple Mac OS X 10.2.5
- Apple Mac OS X 10.2.6
- Apple Mac OS X 10.2.7
- Apple Mac OS X 10.2.8
- Apple Mac OS X 10.3.0
- Apple Mac OS X 10.3.1
- Apple Mac OS X 10.3.2
- Apple Mac OS X 10.3.3
- Apple Mac OS X 10.3.4
- Apple Mac OS X 10.3.5
- Apple Mac OS X 10.3.6
- Apple Mac OS X 10.3.7
- Apple Mac OS X 10.3.8
- Apple Mac OS X Server 10.0.0
- Apple Mac OS X Server 10.1.0
- Apple Mac OS X Server 10.1.1
- Apple Mac OS X Server 10.1.2
- Apple Mac OS X Server 10.1.3
- Apple Mac OS X Server 10.1.4
- Apple Mac OS X Server 10.1.5
- Apple Mac OS X Server 10.2.0
- Apple Mac OS X Server 10.2.1
- Apple Mac OS X Server 10.2.2
- Apple Mac OS X Server 10.2.3
- Apple Mac OS X Server 10.2.4
- Apple Mac OS X Server 10.2.5
- Apple Mac OS X Server 10.2.6
- Apple Mac OS X Server 10.2.7
- Apple Mac OS X Server 10.2.8
- Apple Mac OS X Server 10.3.0
- Apple Mac OS X Server 10.3.1
- Apple Mac OS X Server 10.3.2
- Apple Mac OS X Server 10.3.3
- Apple Mac OS X Server 10.3.4
- Apple Mac OS X Server 10.3.5
- Apple Mac OS X Server 10.3.6
- Apple Mac OS X Server 10.3.7
- Apple Mac OS X Server 10.3.8
- Apple Safari 1.0.0
- Apple Safari 1.1.0
- Apple Safari 1.2.0
- Apple Safari 1.2.1
- Apple Safari 1.2.2
- Apple Safari 1.2.3
- Apple Safari Beta 2
- Conectiva Linux 10.0.0
- Conectiva Linux 9.0.0
- CoreStreet SpoofStick 1.4.0
- Gentoo Linux
- HP HP-UX B.11.00
- HP HP-UX B.11.11
- HP HP-UX B.11.22
- HP HP-UX B.11.23
- KDE 3.2.0
- KDE 3.2.1
- KDE 3.2.2
- KDE 3.2.3
- KDE 3.3.0
- KDE 3.3.1
- KDE 3.3.2
- KDE kdelibs 3.3.1
- KDE Konqueror 2.1.1
- KDE Konqueror 2.1.2
- KDE Konqueror 2.2.1
- KDE Konqueror 2.2.2
- KDE Konqueror 3.0.0
- KDE Konqueror 3.0.1
- KDE Konqueror 3.0.2
- KDE Konqueror 3.0.3
- KDE Konqueror 3.0.5
- KDE Konqueror 3.0.5 b
- KDE Konqueror 3.1.0
- KDE Konqueror 3.1.1
- KDE Konqueror 3.1.2
- KDE Konqueror 3.1.3
- KDE Konqueror 3.1.4
- KDE Konqueror 3.1.5
- KDE Konqueror 3.2.1
- KDE Konqueror 3.2.2 -6
- KDE Konqueror 3.2.3
- KDE Konqueror 3.3.0
- KDE Konqueror 3.3.1
- KDE Konqueror 3.3.2
- Mandriva Corporate Server 3.0.0
- Mandriva Corporate Server 3.0.0 X86 64
- Mandriva Linux Mandrake 10.0.0
- Mandriva Linux Mandrake 10.0.0 amd64
- Mandriva Linux Mandrake 10.1.0
- Mandriva Linux Mandrake 10.1.0 X86 64
- Mozilla Browser 0.8.0
- Mozilla Browser 0.9.2
- Mozilla Browser 0.9.2 .1
- Mozilla Browser 0.9.3
- Mozilla Browser 0.9.35
- Mozilla Browser 0.9.4
- Mozilla Browser 0.9.4 .1
- Mozilla Browser 0.9.48
- Mozilla Browser 0.9.5
- Mozilla Browser 0.9.6
- Mozilla Browser 0.9.7
- Mozilla Browser 0.9.8
- Mozilla Browser 0.9.9
- Mozilla Browser 1.0.0
- Mozilla Browser 1.0.0 RC1
- Mozilla Browser 1.0.0 RC2
- Mozilla Browser 1.0.1
- Mozilla Browser 1.0.2
- Mozilla Browser 1.1.0
- Mozilla Browser 1.1.0 Alpha
- Mozilla Browser 1.1.0 Beta
- Mozilla Browser 1.2.0
- Mozilla Browser 1.2.0 Alpha
- Mozilla Browser 1.2.0 Beta
- Mozilla Browser 1.2.1
- Mozilla Browser 1.3.0
- Mozilla Browser 1.3.1
- Mozilla Browser 1.4.0
- Mozilla Browser 1.4.0 A
- Mozilla Browser 1.4.0 B
- Mozilla Browser 1.4.1
- Mozilla Browser 1.4.2
- Mozilla Browser 1.5.0
- Mozilla Browser 1.5.1
- Mozilla Browser 1.6.0
- Mozilla Browser 1.7.0
- Mozilla Browser 1.7.0 Alpha
- Mozilla Browser 1.7.0 Beta
- Mozilla Browser 1.7.0 Rc1
- Mozilla Browser 1.7.0 Rc2
- Mozilla Browser 1.7.0 Rc3
- Mozilla Browser 1.7.1
- Mozilla Browser 1.7.2
- Mozilla Browser 1.7.3
- Mozilla Browser 1.7.4
- Mozilla Browser 1.7.5
- Mozilla Browser 1.8.0 Alpha 1
- Mozilla Browser 1.8.0 Alpha 2
- Mozilla Browser 1.8.0 Alpha 3
- Mozilla Browser 1.8.0 Alpha 4
- Mozilla Browser M15
- Mozilla Browser M16
- Mozilla Camino 0.7.0 .0
- Mozilla Camino 0.8.0
- Mozilla Firebird 0.5.0
- Mozilla Firebird 0.6.1
- Mozilla Firebird 0.7.0
- Mozilla Firefox 0.10.0
- Mozilla Firefox 0.10.1
- Mozilla Firefox 0.8.0
- Mozilla Firefox 0.9.0
- Mozilla Firefox 0.9.0 Rc
- Mozilla Firefox 0.9.1
- Mozilla Firefox 0.9.2
- Mozilla Firefox 0.9.3
- Mozilla Firefox 1.0.0
- Mozilla Firefox Preview Release
- Mozilla Thunderbird 0.6.0
- Mozilla Thunderbird 0.7.0
- Mozilla Thunderbird 0.7.1
- Mozilla Thunderbird 0.7.2
- Mozilla Thunderbird 0.7.3
- Mozilla Thunderbird 0.8.0
- Mozilla Thunderbird 0.9.0
- Mozilla Thunderbird 1.0.0
- Netscape 7.0.0
- Netscape 7.1.0
- Netscape 7.2.0
- Novell Linux Desktop 9
- Omni Group OmniWeb 4.0.6
- Omni Group OmniWeb 4.1.0 beta11
- Omni Group OmniWeb 4.5.0
- Omni Group OmniWeb 5.0.1
- Opera Software Opera Web Browser 5.0.0 2 Win32
- Opera Software Opera Web Browser 5.0.0 Linux
- Opera Software Opera Web Browser 5.0.0 Mac
- Opera Software Opera Web Browser 5.1.0 0 Win32
- Opera Software Opera Web Browser 5.1.0 1 Win32
- Opera Software Opera Web Browser 5.12.0
- Opera Software Opera Web Browser 5.12.0 Win32
- Opera Software Opera Web Browser 6.0.0
- Opera Software Opera Web Browser 6.0.0 6
- Opera Software Opera Web Browser 6.0.0 .6Win32
- Opera Software Opera Web Browser 6.0.0 Win32
- Opera Software Opera Web Browser 6.0.1
- Opera Software Opera Web Browser 6.0.1 Linux
- Opera Software Opera Web Browser 6.0.1 Win32
- Opera Software Opera Web Browser 6.0.2 Linux
- Opera Software Opera Web Browser 6.0.2 Win32
- Opera Software Opera Web Browser 6.0.3 Linux
- Opera Software Opera Web Browser 6.0.3 Win32
- Opera Software Opera Web Browser 6.0.4 Win32
- Opera Software Opera Web Browser 6.0.5 Win32
- Opera Software Opera Web Browser 6.10.0 Linux
- Opera Software Opera Web Browser 7.0.0 1Win32
- Opera Software Opera Web Browser 7.0.0 2Win32
- Opera Software Opera Web Browser 7.0.0 3Win32
- Opera Software Opera Web Browser 7.0.0 Win32
- Opera Software Opera Web Browser 7.0.0 Win32 Beta 1
- Opera Software Opera Web Browser 7.0.0 Win32 Beta 2
- Opera Software Opera Web Browser 7.10.0
- Opera Software Opera Web Browser 7.11.0
- Opera Software Opera Web Browser 7.11.0 B
- Opera Software Opera Web Browser 7.11.0 J
- Opera Software Opera Web Browser 7.20.0
- Opera Software Opera Web Browser 7.20.0 Beta 1 Build 2981
- Opera Software Opera Web Browser 7.21.0
- Opera Software Opera Web Browser 7.22.0
- Opera Software Opera Web Browser 7.23.0
- Opera Software Opera Web Browser 7.50.0
- Opera Software Opera Web Browser 7.51.0
- Opera Software Opera Web Browser 7.52.0
- Opera Software Opera Web Browser 7.53.0
- Opera Software Opera Web Browser 7.54.0
- Red Hat Advanced Workstation for the Itanium Processor 2.1.0
- Red Hat Advanced Workstation for the Itanium Processor 2.1.0 IA64
- Red Hat Desktop 3.0.0
- Red Hat Enterprise Linux AS 2.1
- Red Hat Enterprise Linux AS 2.1 IA64
- Red Hat Enterprise Linux AS 3
- Red Hat Enterprise Linux ES 2.1
- Red Hat Enterprise Linux ES 2.1 IA64
- Red Hat Enterprise Linux ES 3
- Red Hat Enterprise Linux WS 2.1
- Red Hat Enterprise Linux WS 2.1 IA64
- Red Hat Enterprise Linux WS 3
- Red Hat Fedora Core1
- Red Hat Fedora Core2
- Red Hat Fedora Core3
- Red Hat Linux 7.3.0
- Red Hat Linux 7.3.0 I386
- Red Hat Linux 7.3.0 I686
- Red Hat Linux 9.0.0 I386
- SGI ProPack 3.0.0
- SuSE Linux 8.0.0
- SuSE Linux 8.0.0 i386
- SuSE Linux 8.1.0
- SuSE Linux Personal 8.2.0
- SuSE Linux Personal 9.0.0
- SuSE Linux Personal 9.0.0 X86 64
- SuSE Linux Personal 9.1.0
- SuSE Linux Personal 9.1.0 X86 64
- SuSE Linux Personal 9.2.0
- SuSE Linux Personal 9.2.0 X86 64
- SuSE Linux Personal 9.3.0
- SuSE Linux Personal 9.3.0 X86 64
- SuSE SUSE Linux Enterprise Server 9
- VeriSign i-Nav
References