MFSA 2013-61: Homograph domain spoofing in .com, .net and .name
ID: oval:org.secpod.oval:def:15010 | Date: (C)2013-09-01 (M)2024-03-27 |
Class: PATCH | Family: windows |
Security researcher 3ric Johanson reported in discussions with Richard Newman and Holt Sorenson that Verisign's prevention measures for homograph attacks using Internationalized Domain Names (IDN) were insufficiently rigorous, and this led to a limited possibility for domain spoofing in Firefox. IDN allows non-English speakers to use domains in their local language. Many supported characters are similar or identical to others in English, allowing for the potential spoofing of domain names and for phishing attacks when not blocked. In consultation with Verisign, Mozilla had added .com, .net, and .name top-level domains to its IDN whitelist, allowing for IDN use in those top-level domains without restrictions. However, it became clear that a number of historical dangerous registrations continued to be valid. This issue has been fixed by removing the .com, .net, and .name top-level domains from the IDN whitelist, and supplementing the whitelist implementation with technical restrictions against script-mixing in domain labels. These restrictions apply to all non-whitelisted top-level domains. More information on the exact algorithm used can be found here.
Platform: |
Microsoft Windows Server 2022 |
Microsoft Windows 11 |
Microsoft Windows Server 2019 |
Microsoft Windows Server 2016 |
Microsoft Windows 2000 |
Microsoft Windows XP |
Microsoft Windows Server 2003 |
Microsoft Windows Vista |
Microsoft Windows Server 2008 |
Microsoft Windows 7 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows 8 |
Microsoft Windows Server 2012 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows 10 |
Product: |
Mozilla SeaMonkey |
Mozilla Firefox |