The International Domain Name (IDN) support in Omniweb 5 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.
https://exchange.xforce.ibmcloud.com/vulnerabilities/19236
http://www.shmoo.com/idn/homograph.txt