Written by Moxie Marlinspike
Thursday, 19 February 2009 21:12
Mozilla Firefox International Domain Name Subdomain URI Spoofing Vulnerability
Bugtraq ID: 33837
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Feb 19 2009 12:00AM
Updated: Feb 19 2009 12:00AM
Credit: Moxie Marlinspike
Vulnerable:
- Mozilla Firefox 3.0.6
- Mozilla Firefox 3.0.5
- Mozilla Firefox 3.0.4
- Mozilla Firefox 3.0.3
- Mozilla Firefox 3.0.2
- Mozilla Firefox 3.0.1
- Mozilla Firefox 3.0

Discussion: Mozilla Firefox is affected by a URI-spoofing vulnerability because it fails to adequately handle specific characters in international domain name (IDN) subdomains.
An attacker may leverage this issue to spoof the source URI of a site presented to an unsuspecting user. This may lead to a false sense of trust because the user may be presented with a source URI of a trusted site while interacting with the attacker's malicious site.
Firefox 3.0.6 is vulnerable; other versions may also be affected.
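
A defender-side check for the class of problem described above, as an added example that is not part of the original advisory: it decodes each label of a hostname (including `xn--` punycode) and reports characters that are not letters, digits, combining marks or hyphens. The advisory does not name the affected characters, so the category rule, the function names and the sample hostnames are assumptions constructed for illustration.

```python
import unicodedata

def decode_label(label):
    """Return the Unicode form of one DNS label (decodes xn-- punycode)."""
    if label.lower().startswith("xn--"):
        try:
            return label[4:].encode("ascii").decode("punycode")
        except UnicodeError:
            return label  # malformed punycode: keep the raw label
    return label

def suspicious_chars(label):
    """List characters that are not letters, marks, decimal digits or '-'.

    Assumption of this example: only those classes are expected in a
    hostname label, so symbols and punctuation inside a label are reported.
    """
    found = []
    for ch in label:
        cat = unicodedata.category(ch)
        if ch == "-" or cat == "Nd" or cat[0] in ("L", "M"):
            continue
        found.append((ch, "U+%04X" % ord(ch),
                      unicodedata.name(ch, "UNNAMED"), cat))
    return found

def audit_hostname(host):
    """Return one finding per label that contains unexpected characters."""
    findings = []
    for raw in host.rstrip(".").split("."):
        decoded = decode_label(raw)
        bad = suspicious_chars(decoded)
        if bad:
            findings.append({"label": raw, "decoded": decoded, "chars": bad})
    return findings

# Constructed sample hostnames (not taken from the advisory).
SAMPLES = [
    "www.xn--bcher-kva.example",          # ordinary IDN label: letters only
    "www.trusted.example\u2603x.other.example",  # symbol inside a label
    "xn--n3h.example",                    # punycode label hiding a symbol
]

if __name__ == "__main__":
    for host in SAMPLES:
        for f in audit_hostname(host):
            print(host.encode("unicode_escape").decode(), "->",
                  f["label"].encode("unicode_escape").decode(),
                  [(c[1], c[2], c[3]) for c in f["chars"]])
```
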
Exploit(s)/PoC(s): To exploit this issue, an attacker must entice an unsuspecting user to view a maliciously crafted web document.
Solution: Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at:
Reference(s):
- Firefox Homepage http://www.mozilla.com/en-US (Mozilla Foundation)
- IDN-enabled TLDs http://www.mozilla.org/projects/security/tld-idn-policy-list.htm (Mozilla)
- New Tricks For Defeating SSL In Practice https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pd (Moxie Marlinspike)