The Register: Firefox Spoofing Flaw Goes International
Feb 08, 2005, 16:00 (9 Talkback[s])
(Other stories by John Leyden)
"A security loophole in Mozilla and Firefox browser could be
used to spoof the URL displayed in the address bar, SSL certificate
and status bar. The vulnerability also affects Opera and Konqueror
and stems from a flawed IDN (International Domain Name)
implementation within the browsers.
"The bug could be exploited by registering domain names with
certain international characters--which look like other
commonly-used characters--in order to hoodwink users into believing
they on a different, trusted site..."