Skip to content

CVE 2018 12270

VixusFoxy edited this page May 19, 2019 · 7 revisions

[description]

In Valve Steam 1528829181 BETA, it is possible to perform a homograph / homoglyph attack to create fake URLs in the client, which may trick users into visiting unintended web sites.


[Additional Information]

Re implementing the URL-catcher can prevent users from being tricked into visiting illegitimate (or phishing) websites.


[VulnerabilityType Other]

homoglyph / homograph attack


[Vendor of Product]

Valve


[Affected Product Code Base]

Steam - 1528829181


[Affected Component]

chat, group chat


[Attack Type]

Context-dependent


[CVE Impact Other]

phishing


[Attack Vectors]

homograph / homoglyph attack


[Reference]

Homoglyph Attack Generator in IronGeek


[Discoverer]

Vixus / Hexxyr

Clone this wiki locally
You can’t perform that action at this time.