CVE 2018 12270
VixusFoxy edited this page May 19, 2019
·
7 revisions
[description]
In Valve Steam 1528829181 BETA, it is possible to perform a homograph / homoglyph attack to create fake URLs in the client, which may trick users into visiting unintended web sites.
[Additional Information]
Re implementing the URL-catcher can prevent users from being tricked into visiting illegitimate (or phishing) websites.
[VulnerabilityType Other]
homoglyph / homograph attack
[Vendor of Product]
Valve
[Affected Product Code Base]
Steam - 1528829181
[Affected Component]
chat, group chat
[Attack Type]
Context-dependent
[CVE Impact Other]
phishing
[Attack Vectors]
homograph / homoglyph attack
[Reference]
Homoglyph Attack Generator in IronGeek
[Discoverer]
Vixus / Hexxyr
