Another one here! All Internet Browsers are affect except...... IE!!! WOW!!!

K-OTik Security Advisory : KOTIK/ADV-2005-0112
Rated as : Moderate
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2005-02-07

* Technical Description *

A new vulnerability was reported in several web browsers, which may be exploited by attackers to conduct phishing/spoofing attacks and display fake domain names. The problem resides in the IDN (International Domain Name) implementation and occurs when handling malformed URLs containing specially crafted characters, which may be exploited to spoof SSL certificates and the URL displayed in the address/status bar.

Example :
The URL https://www.pа will display (and points to

* Affected Products *

Mozilla 1.7.5 and earlier
Firefox 1.0 and earlier
Opera version 7.54u2 and earlier
Safari version 1.2.4 (v125.1) and earlier
OmniWeb version 5.1 and earlier
Konqueror version 3.2.2 and earlier

* Solution *

K-OTik Security is not aware of any official supplied patch for this issue.

* References *

* Credits *

Vulnerability reported by Eric Johanson
Source :