{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2681?format=json","vulnerability_id":"VCID-615z-2kke-63cz","summary":"Bjoern Hoehrmann and security researcher Moxie\nMarlinspike independently reported\nthat Unicode box drawing characters were allowed in Internationalized\nDomain Names (IDN) where they could be visually confused with\npunctuation used in valid web addresses.  This could be combined with\na phishing-type scam to trick a victim into thinking they were on a\ndifferent website than they actually were.","aliases":[{"alias":"CVE-2009-0652"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1113?format=json","purl":"pkg:mozilla/Firefox@3.0.9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.9"},{"url":"http://public2.vulnerablecode.io/api/packages/1117?format=json","purl":"pkg:mozilla/SeaMonkey@1.1.15","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@1.1.15"}],"affected_packages":[],"references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0652","reference_id":"CVE-2009-0652","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0652"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-15","reference_id":"mfsa2009-15","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-15"}],"weaknesses":[],"exploits":[],"severity_range_score":"0.1 - 3","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-615z-2kke-63cz"}