Red Hat Bugzilla – Bug 147404
CAN-2005-0237 homograph spoofing
Last modified: 2007-11-30 17:10:59 EST
*** This bug has been split off bug 147397 ***
------- Original comment by Josh Bressers (Security Response Team) on 2005.02.07
The Shmoo Group has discovered a homograph attack in a number of web browsers:
This issue allows an attacker supply a domain name that looks like a common
name, but is an International Domain Name. This issue would allow various
attacks to steal information from an unsuspecting vitim.
Upstream is tracking this issue here:
it's already fixed in 6:3.3.1-2.9.FC3, which is available in fc3 update.