A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
Metrics
Affected Vendors & Products
References
History
Mon, 09 Dec 2024 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Els
|
|
CPEs | cpe:/o:redhat:rhel_els:7 | |
Vendors & Products |
Redhat rhel Els
|
Wed, 04 Dec 2024 02:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Tus
|
|
CPEs | cpe:/a:redhat:rhel_aus:8.4 cpe:/a:redhat:rhel_aus:8.6 cpe:/a:redhat:rhel_e4s:8.4 cpe:/a:redhat:rhel_e4s:8.6 cpe:/a:redhat:rhel_eus:9.4 cpe:/a:redhat:rhel_tus:8.4 cpe:/a:redhat:rhel_tus:8.6 |
|
Vendors & Products |
Redhat rhel Tus
|
Tue, 03 Dec 2024 02:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:rhel_aus:8.6 cpe:/a:redhat:rhel_e4s:8.4 cpe:/a:redhat:rhel_e4s:8.6 cpe:/a:redhat:rhel_tus:8.4 cpe:/a:redhat:rhel_tus:8.6 |
|
Vendors & Products |
Redhat rhel Tus
|
Tue, 03 Dec 2024 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Aus
Redhat rhel E4s Redhat rhel Eus Redhat rhel Tus |
|
CPEs | cpe:/a:redhat:rhel_aus:8.2 cpe:/a:redhat:rhel_aus:8.4 cpe:/a:redhat:rhel_aus:8.6 cpe:/a:redhat:rhel_e4s:8.4 cpe:/a:redhat:rhel_e4s:8.6 cpe:/a:redhat:rhel_e4s:9.0 cpe:/a:redhat:rhel_eus:8.8 cpe:/a:redhat:rhel_eus:9.2 cpe:/a:redhat:rhel_tus:8.4 cpe:/a:redhat:rhel_tus:8.6 |
|
Vendors & Products |
Redhat rhel Aus
Redhat rhel E4s Redhat rhel Eus Redhat rhel Tus |
Mon, 02 Dec 2024 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat
Redhat enterprise Linux |
|
CPEs | cpe:/a:redhat:enterprise_linux:8 cpe:/a:redhat:enterprise_linux:9 |
|
Vendors & Products |
Redhat
Redhat enterprise Linux |
Wed, 27 Nov 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-1021 | |
Metrics |
ssvc
|
Wed, 27 Nov 2024 01:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Title | firefox: thunderbird: URL Bar Spoofing via Manipulated Punycode and Whitespace Characters | |
Weaknesses | CWE-451 | |
References |
| |
Metrics |
threat_severity
|
cvssV3_1
|
Tue, 26 Nov 2024 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mozilla
Published: 2024-11-26T13:33:58.459Z
Updated: 2024-11-27T16:48:50.001Z
Reserved: 2024-11-25T16:29:31.287Z
Link: CVE-2024-11695
Vulnrichment
Updated: 2024-11-27T16:46:56.326Z
NVD
Status : Received
Published: 2024-11-26T14:15:19.040
Modified: 2024-11-27T17:15:09.867
Link: CVE-2024-11695
Redhat