CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
Percentile
95.2%
Visual truncation vulnerability in netwerk/dns/src/nsIDNService.cpp in
Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 allows remote
attackers to spoof the location bar via an IDN with invalid Unicode
characters that are displayed as whitespace, as demonstrated by the \u115A
through \u115E characters.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 8.04 | noarch | seamonkey | < 1.1.17+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
ubuntu | 8.10 | noarch | seamonkey | < 1.1.17+nobinonly-0ubuntu0.8.10.1 | UNKNOWN |
ubuntu | 9.04 | noarch | seamonkey | < 1.1.17+nobinonly-0ubuntu0.9.04.1 | UNKNOWN |
ubuntu | 9.10 | noarch | seamonkey | < 1.1.17+nobinonly-0ubuntu1 | UNKNOWN |
ubuntu | 8.04 | noarch | xulrunner-1.9 | < 1.9.0.11+build2+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
ubuntu | 8.10 | noarch | xulrunner-1.9 | < 1.9.0.11+build2+nobinonly-0ubuntu0.8.10.2 | UNKNOWN |
ubuntu | 9.04 | noarch | xulrunner-1.9 | < 1.9.0.11+build2+nobinonly-0ubuntu0.9.04.1 | UNKNOWN |
ubuntu | 9.04 | noarch | xulrunner-1.9.1 | < 1.9.1+nobinonly-0ubuntu0.9.04.1 | UNKNOWN |
ubuntu | 9.10 | noarch | xulrunner-1.9.1 | < 1.9.1~rc2+nobinonly-0ubuntu1 | UNKNOWN |