Vulnerability Details : CVE-2005-0235
Potential exploit
The International Domain Name (IDN) support in Opera 7.54 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.
Products affected by CVE-2005-0235
- cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2005-0235
0.64%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 68 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2005-0235
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
10.0
|
2.9
|
NIST |
References for CVE-2005-0235
-
http://www.shmoo.com/idn
404 Not FoundBroken Link;Exploit
-
http://www.novell.com/linux/security/advisories/2005_31_opera.html
Broken Link
-
http://marc.info/?l=bugtraq&m=110782704923280&w=2
'International Domain Name [IDN] support in modern browsers allows' - MARCMailing List
-
http://www.securityfocus.com/bid/12461
Broken Link;Third Party Advisory;VDB Entry
-
http://www.shmoo.com/idn/homograph.txt
404 Not FoundBroken Link
-
http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html
[Full-Disclosure] Mailing List CharterBroken Link;Exploit;Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/19236
Third Party Advisory;VDB Entry
Jump to