#VU9319 Spoofing attack in Mozilla Firefox - CVE-2017-7832

Cybersecurity Help s.r.o.

Published: 2017-11-15

Vulnerability identifier: #VU9319

Vulnerability risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-7832

CWE-ID: CWE-451

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Mozilla Firefox
Client/Desktop applications / Web browsers

Vendor: Mozilla

Description

The vulnerability allows a remote attacker to spoof domain names.

The combined, single character, version of the letter 'i' with any of the potential accents in unicode, such as acute or grave, can be spoofed in the addressbar by the dotless version of 'i' followed by the same accent as a second character with most font sets. This allows for domain spoofing attacks because these combined domain names do not display as punycode.

A remote attacker can successfully perform a spoofing attack against domains with letter 'i.

Mitigation
Update to version Firefox 57.

Vulnerable software versions

Mozilla Firefox: 53.0 - 56.0.1

External links
https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Ubuntu update for Firefox

Arch Linux update for firefox

Multiple vulnerabilities in Mozilla Firefox