Summary
The host is installed with the Mozilla Firefox browser and is prone to a URL spoofing and phishing vulnerability.
Impact
Successful remote exploitation lets an attacker spoof the URL shown to the user by using homoglyphs of delimiter characters such as / (slash) and ? (question mark), so that an attacker-controlled hostname reads as a path or query on a trusted site. The attacker can then obtain sensitive information by redirecting the user to a malicious URL that appears legitimate.
Impact Level: Application
Solution
Upgrade to Mozilla Firefox version 3.6.3 or later.
For updates refer to http://www.mozilla.com/en-US/firefox/
Insight
Firefox does not properly prevent the literal rendering of homoglyph characters in IDN domain names. Because a character that merely resembles a URL delimiter is displayed as-is instead of in its Punycode (xn--) form, the hostname can appear to end where the attacker wants it to, while the browser actually connects to a different host. This leaves the user open to URL spoofing and phishing attacks in which the attacker redirects them to an arbitrary malformed site.
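As an added example (not part of the original advisory or of Mozilla's code), the following Node.js script shows the mechanism behind this finding: it compares the host a URL parser actually connects to with the host a reader perceives when delimiter look-alikes inside an IDN label are rendered literally. The homoglyph table is a hand-picked subset chosen for the example, and the sample URLs are constructed; neither comes from the page.

```javascript
'use strict';

// Homoglyphs of the ASCII delimiters that end a hostname. This is a
// hand-picked subset (an assumption for this example, not a complete
// Unicode confusables table).
const DELIMITER_HOMOGLYPHS = new Map([
  ['\u2044', '/'], // FRACTION SLASH
  ['\u2215', '/'], // DIVISION SLASH
  ['\u29F8', '/'], // BIG SOLIDUS
  ['\uFF0F', '/'], // FULLWIDTH SOLIDUS
  ['\uFF1F', '?'], // FULLWIDTH QUESTION MARK
  ['\u0294', '?'], // LATIN LETTER GLOTTAL STOP
  ['\uFF03', '#'], // FULLWIDTH NUMBER SIGN
]);

// Host as a URL parser sees it: everything after "scheme://" up to the
// first ASCII "/", "?" or "#". Returns null when there is no scheme.
function actualHost(url) {
  const m = /^[a-z][a-z0-9+.\-]*:\/\/([^\/?#]*)/i.exec(url);
  return m ? m[1] : null;
}

// Host as a user reading the literally rendered string perceives it:
// map each homoglyph to the delimiter it resembles, then split again.
function apparentHost(url) {
  let displayed = '';
  for (const ch of url) displayed += DELIMITER_HOMOGLYPHS.get(ch) || ch;
  return actualHost(displayed);
}

// List every delimiter homoglyph in a hostname with its code point.
function findDelimiterHomoglyphs(host) {
  const hits = [];
  let index = 0;
  for (const ch of host) {
    const looksLike = DELIMITER_HOMOGLYPHS.get(ch);
    if (looksLike) {
      const cp = ch.codePointAt(0).toString(16).toUpperCase().padStart(4, '0');
      hits.push({ index, codePoint: 'U+' + cp, looksLike });
    }
    index += 1;
  }
  return hits;
}

// Verdict: the URL is a delimiter-homoglyph spoof when the host the
// parser connects to differs from the host a reader would perceive.
function analyzeUrl(url) {
  const real = actualHost(url);
  const seen = apparentHost(url);
  const homoglyphs = real === null ? [] : findDelimiterHomoglyphs(real);
  return {
    actualHost: real,
    apparentHost: seen,
    homoglyphs,
    spoofed: real !== null && homoglyphs.length > 0 && seen !== real,
  };
}

// Constructed samples: the first is an attacker-controlled host that reads
// as a path on secure.example.com when U+2215 and U+FF1F are rendered
// literally; the second is an ordinary URL on the same site.
const SPOOF = 'https://secure.example.com\u2215account\uFF1Fview.attacker.test/login';
const BENIGN = 'https://secure.example.com/account?view=1';

console.log(JSON.stringify(analyzeUrl(SPOOF), null, 2));
console.log(JSON.stringify(analyzeUrl(BENIGN), null, 2));
```

A plain non-ASCII label such as bücher.example is not flagged, because the check targets only characters that imitate delimiters rather than all IDN input. On the browser side the corresponding mitigation is to display such hostnames in Punycode, which is what makes the trailing attacker.test visible to the user.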
Affected
Mozilla Firefox version 3.0.6 and prior on Windows.
References
CVE: CVE-2009-0652
Severity
CVSS Base Score: 5.8 (Medium)
CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P