4.3
CVSSv2

CVE-2019-11721

Published: 23/07/2019 Updated: 24/08/2020
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

The unicode latin 'kra' character can be used to spoof a standard 'k' character in the addressbar in Firefox prior to 68.0. This allows for domain spoofing attacks as do not display as punycode text, allowing for user confusion.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

mozilla firefox

Vendor Advisories

The unicode latin 'kra' character can be used to spoof a standard 'k' character in the addressbar in Firefox before 680 This allows for domain spoofing attacks as do not display as punycode text, allowing for user confusion ...
USN-4054-1 caused some minor regressions in Firefox ...
Firefox could be made to crash or run programs as your login if it opened a malicious website ...
Arch Linux Security Advisory ASA-201907-4 ========================================= Severity: Critical Date : 2019-07-17 CVE-ID : CVE-2019-9811 CVE-2019-11709 CVE-2019-11710 CVE-2019-11711 CVE-2019-11712 CVE-2019-11713 CVE-2019-11714 CVE-2019-11715 CVE-2019-11716 CVE-2019-11717 CVE-2019-11718 CVE-2019-11719 CVE-2 ...
Security vulnerabilities fixed in Firefox 68 Announced July 9, 2019 Impact high Products Firefox Fixed in Firefox 68 ...
Synthetic Playback Agent has addressed the following vulnerabilities: ...