IDN spoofing in Firefox

firefox burning?Sadly there seems to be quite a critical bug in the current version of Firefox which allow hackers/scammers to spoof the URL displayed in the address bar and the SSL certificate.

The vulnerability impacts every browser that uses the open-source Gecko browser kernel, almost all except IE, because of a flaw in handling International Domain Names (IDN).

This is very unfortunate for the Mozilla Foundation which recently released Firefox 1.0 alongside with all the browser which uses the Gecko kernel.

The bug was reported Monday 10th of February 2005 and currently none of the vendors have provided fixes for the flaw.

http://secunia.com/multiple_browsers_idn_spoofing_test/

3 Replies to “IDN spoofing in Firefox”

Leave a Reply to tommie Cancel reply

Your email address will not be published. Required fields are marked *