Debian Security Advisory DSA 837-1 – Tom Ferris discovered a bug in the IDN hostname handling of Mozilla Firefox, which is also present in the other browsers from the same family that allows remote attackers to cause a denial of service and possibly execute arbitrary code via a hostname with dashes.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/40403/dsa-837-1.txt
Source: https://packetstormsecurity.com/files/40403/Debian-Linux-Security-Advisory-837-1.html