vulnerability

SUSE: CVE-2017-7833: SUSE Linux Security Advisory

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:P/A:N)	Nov 14, 2017	May 20, 2018	Sep 8, 2018

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:P/A:N)

Published

Nov 14, 2017

Added

May 20, 2018

Modified

Sep 8, 2018

Description

Some Arabic and Indic vowel marker characters can be combined with Latin characters in a domain name to eclipse the non-Latin character with some font sets on the addressbar. The non-Latin character will not be visible to most viewers. This allows for domain spoofing attacks because these combined domain names do not display as punycode. This vulnerability affects Firefox

Solution(s)

suse-upgrade-mozillafirefoxsuse-upgrade-mozillafirefox-translations-commonsuse-upgrade-mozillafirefox-translations-other

References

BID-101832
SECTRACK-1039803
NVD-CVE-2017-7833
UBUNTU-USN-3477-1
UBUNTU-USN-3477-2
UBUNTU-USN-3477-3
UBUNTU-USN-3477-4

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today