CVE ID:	CVE-2009-1834
Description:	Visual truncation vulnerability in netwerk/dns/src/nsIDNService.cpp in Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 allows remote attackers to spoof the location bar via an IDN with invalid Unicode characters that are displayed as whitespace, as demonstrated by the \u115A through \u115E characters.
Test IDs:	1.3.6.1.4.1.25623.1.0.64230   1.3.6.1.4.1.25623.1.0.64254   1.3.6.1.4.1.25623.1.0.64234
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1834 Debian Security Information: DSA-1820 (Google Search) http://www.debian.org/security/2009/dsa-1820 https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00574.html https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00657.html RedHat Security Advisories: RHSA-2009:1095 https://rhn.redhat.com/errata/RHSA-2009-1095.html http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.372468 http://sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1 BugTraq ID: 35326 http://www.securityfocus.com/bid/35326 BugTraq ID: 35388 http://www.securityfocus.com/bid/35388 http://osvdb.org/55162 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10436 http://secunia.com/advisories/35331 http://secunia.com/advisories/35431 http://secunia.com/advisories/35439 http://secunia.com/advisories/35468 http://secunia.com/advisories/35415 http://www.vupen.com/english/advisories/2009/1572

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: