CWE-1007 detail

CWE-1007

Insufficient Visual Distinction of Homoglyphs Presented to User
Likelihood of exploit: Medium
Status: Incomplete
Created: 2017-11-08 00:00 +00:00
Last modified: 2025-12-11 00:00 +00:00

Name: Insufficient Visual Distinction of Homoglyphs Presented to User

The product displays information or identifiers to a user, but the display mechanism does not make it easy for the user to distinguish between visually similar or identical glyphs (homoglyphs), which may cause the user to misinterpret a glyph and perform an unintended, insecure action.

General information

Modes of introduction

Architecture and Design : This weakness may occur when characters from various character sets are allowed to be interchanged within a URL, username, email address, etc. without any notification to the user or underlying system being used.
Implementation

Applicable platforms

Language

Class: Not Language-Specific (Undetermined)

Technologies

Class: Not Technology-Specific (Undetermined)
Class: Web Based (Sometimes)

Common consequences

Scope Impact Likelihood
Integrity
Confidentiality
Other

Note: An attacker may ultimately redirect a user to a malicious website, by deceiving the user into believing the URL they are accessing is a trusted domain. However, the attack can also be used to forge log entries by using homoglyphs in usernames. Homoglyph manipulations are often the first step towards executing advanced attacks such as stealing a user's credentials, Cross-Site Scripting (XSS), or log forgery. If an attacker redirects a user to a malicious site, the attacker can mimic a trusted domain to steal account credentials and perform actions on behalf of the user, without the user's knowledge. Similarly, an attacker could create a username for a website that contains homoglyph characters, making it difficult for an admin to review logs and determine which users performed which actions.

Observed examples

Reference Description

CVE-2013-7236: web forum allows impersonation of users with homoglyphs in account names
CVE-2012-0584: Improper character restriction in URLs in web browser
CVE-2009-0652: Incomplete denylist does not include homoglyphs of "/" and "?" characters in URLs
CVE-2017-5015: web browser does not convert hyphens to punycode, allowing IDN spoofing in URLs
CVE-2005-0233: homoglyph spoofing using punycode in URLs and certificates
CVE-2005-0234: homoglyph spoofing using punycode in URLs and certificates
CVE-2005-0235: homoglyph spoofing using punycode in URLs and certificates

Potential mitigations

Phases : Implementation
Phases : Implementation

Detection methods

Manual Dynamic Analysis

If utilizing user accounts, attempt to submit a username that contains homoglyphs. Similarly, check to see if links containing homoglyphs can be sent via email, web browsers, or other mechanisms.
Effectiveness: Moderate
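A defender-side check of the kind the detection method above exercises, as an added example (it is not part of the CWE entry and not MITRE's code): it NFKC-normalises an identifier, flags names that mix scripts, compares a candidate username against already registered names through a look-alike "skeleton", and renders a host name in its punycode form so that a non-ASCII label is visibly distinct from its ASCII twin. The CONFUSABLES table is a constructed excerpt rather than the Unicode TR39 confusables data, and deriving a script from the first word of a character's Unicode name is a heuristic assumed by the example.

```python
import unicodedata

# Constructed excerpt of Latin look-alikes; the real Unicode TR39
# confusables table is far larger. Keys are the look-alike, values the
# ASCII character a user would read them as.
CONFUSABLES = {
    "\u0430": "a",  # CYRILLIC SMALL LETTER A
    "\u0435": "e",  # CYRILLIC SMALL LETTER IE
    "\u043e": "o",  # CYRILLIC SMALL LETTER O
    "\u0440": "p",  # CYRILLIC SMALL LETTER ER
    "\u0441": "c",  # CYRILLIC SMALL LETTER ES
    "\u0445": "x",  # CYRILLIC SMALL LETTER HA
    "\u03bf": "o",  # GREEK SMALL LETTER OMICRON
    "\u0131": "i",  # LATIN SMALL LETTER DOTLESS I
    "\u2010": "-",  # HYPHEN (looks like HYPHEN-MINUS)
}


def script_of(ch):
    """Approximate the script of a letter from the first word of its Unicode
    name (LATIN, CYRILLIC, GREEK, ...). Digits and punctuation are treated as
    script-neutral ("Common"). This name-based heuristic is an assumption of
    the example; a production check should use real script property data."""
    if not unicodedata.category(ch).startswith("L"):
        return "Common"
    return unicodedata.name(ch, "UNKNOWN").split(" ")[0]


def analyze_identifier(text):
    """Normalise an identifier (username, host label) and report whether it
    mixes scripts or contains known look-alikes."""
    # NFKC folds compatibility forms such as fullwidth letters onto their
    # plain counterparts before any comparison is made.
    norm = unicodedata.normalize("NFKC", text)
    scripts = {script_of(c) for c in norm} - {"Common"}
    lookalikes = [(c, unicodedata.name(c, "?"), CONFUSABLES[c])
                  for c in norm if c in CONFUSABLES]
    # The skeleton replaces each look-alike by the character it resembles, so
    # two identifiers a user cannot tell apart get the same skeleton.
    skeleton = "".join(CONFUSABLES.get(c, c) for c in norm)
    return {
        "normalized": norm,
        "scripts": sorted(scripts),
        "mixed_script": len(scripts) > 1,
        "lookalikes": lookalikes,
        "skeleton": skeleton,
    }


def collides_with_existing(candidate, existing):
    """True when the candidate's skeleton matches an already registered name,
    i.e. the new account would look identical to an existing one on screen.
    A whole-script name (for example all Cyrillic) is only a problem if it
    collides with something, so it is not flagged on its own."""
    target = analyze_identifier(candidate)["skeleton"]
    return any(analyze_identifier(e)["skeleton"] == target for e in existing)


def display_form(domain):
    """Render a host name in its ASCII-compatible (punycode) form so that a
    non-ASCII label is visibly different from its ASCII look-alike. Python's
    built-in "idna" codec implements IDNA 2003; pure-ASCII input is unchanged."""
    return domain.encode("idna").decode("ascii")


if __name__ == "__main__":
    # Constructed sample inputs: an ASCII name, a mixed-script look-alike,
    # a fullwidth variant, and an all-Cyrillic name.
    registered = ["alice", "paypal"]
    for name in ["paypal", "p\u0430ypal", "\uff50aypal",
                 "\u043f\u0440\u0438\u043c\u0435\u0440"]:
        report = analyze_identifier(name)
        print(name, report["scripts"],
              "mixed" if report["mixed_script"] else "single",
              "collides" if collides_with_existing(name, registered) else "ok")
    print(display_form("p\u0430ypal.com"))
```

The skeleton comparison is what makes a registration check useful for admins reviewing logs: an all-Cyrillic username is legitimate on its own, but a name whose skeleton equals an existing account's should be refused or shown with its code points. Showing host names through display_form is the browser-side counterpart; the mixed-script label comes back with an "xn--" prefix and no longer resembles the ASCII domain.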

Vulnerability mapping notes

Rationale: This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.
Comments: Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.

Related attack patterns

CAPEC-ID Attack pattern name
CAPEC-632 Homograph Attack via Homoglyphs
An adversary registers a domain name containing a homoglyph, leading the registered domain to appear the same as a trusted domain. A homograph attack leverages the fact that different characters among various character sets look the same to the user. Homograph attacks must generally be combined with other attacks, such as phishing attacks, in order to direct Internet traffic to the adversary-controlled destinations.

References

REF-7

Writing Secure Code
Michael Howard, David LeBlanc.
https://www.microsoftpressstore.com/store/writing-secure-code-9780735617223

REF-8

The 2011 IDN Homograph Attack Mitigation Survey
Gregory Baatard, Peter Hannay.
https://ro.ecu.edu.au/cgi/viewcontent.cgi?article=1174&context=ecuworks2012

Submission

Name Organization Date Release date Version
CWE Content Team MITRE 2017-07-24 +00:00 2017-11-08 +00:00 2.12

Modifications

Name Organization Date Comment
CWE Content Team MITRE 2018-03-27 +00:00 updated Demonstrative_Examples, Description, References
CWE Content Team MITRE 2019-01-03 +00:00 updated Demonstrative_Examples, Description, Related_Attack_Patterns
CWE Content Team MITRE 2020-02-24 +00:00 updated Applicable_Platforms, Relationships
CWE Content Team MITRE 2020-06-25 +00:00 updated Observed_Examples
CWE Content Team MITRE 2022-10-13 +00:00 updated Demonstrative_Examples
CWE Content Team MITRE 2023-01-31 +00:00 updated Demonstrative_Examples, Description, Related_Attack_Patterns
CWE Content Team MITRE 2023-04-27 +00:00 updated Relationships
CWE Content Team MITRE 2023-06-29 +00:00 updated Mapping_Notes
CWE Content Team MITRE 2025-09-09 +00:00 updated References
CWE Content Team MITRE 2025-12-11 +00:00 updated Applicable_Platforms