Unrated severityNVD Advisory· Published May 2, 2005· Updated Apr 16, 2026

CVE-2005-0238

Description

The International Domain Name (IDN) support in Epiphany allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.

Affected products

GNOME Foundation/Epiphany
cpe:2.3:a:gnome:epiphany:*:*:*:*:*:*:*:*
Mozilla Corporation/Camino
cpe:2.3:a:mozilla:camino:0.8.5:*:*:*:*:*:*:*
Mozilla Corporation/Mozilla
cpe:2.3:a:mozilla:mozilla:*:*:*:*:*:*:*:*
Range: <=1.6
Omnigroup/Omniweb
cpe:2.3:a:omnigroup:omniweb:5:*:*:*:*:*:*:*
Opera (company)/Opera Browser
cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*
Range: <=7.54

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bugzilla.redhat.com/beta/show_bug.cginvdBroken LinkIssue TrackingPatchThird Party Advisory
lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.htmlnvdExploitVendor Advisory
www.shmoo.com/idnnvdBroken LinkExploitVendor Advisory
www.shmoo.com/idn/homograph.txtnvdBroken LinkExploitVendor Advisory
www.securityfocus.com/bid/12461nvdBroken LinkThird Party AdvisoryVDB Entry
exchange.xforce.ibmcloud.com/vulnerabilities/19236nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000