Mozilla UI Spoofing Vulnerability

← Back to Stories (view on slashdot.org)

Mozilla UI Spoofing Vulnerability

Posted by CowboyNeal on Friday July 30, 2004 @10:06PM from the shields-up dept.

Short Circuit writes "Secunia has issued a security advisory for Mozilla and Firefox. Apparently, remote web sites can spoof the user interface using XUL. (See the Firefox proof of concept.) Of course, that won't stop me from using Firefox."

4 of 583 comments (clear)

Re:This is nothing... by westyvw · 2004-07-30 22:12 · Score: 0, Troll

Lets see how long this takes to fix.

IE months.

Mozilla 2 days tops.

HA you IE fools!
Re:I'm using Firefox... by sanctimonius+hypocrt · 2004-07-30 22:19 · Score: 0, Troll

am I really seeing slashdot, or is someone trying to spoof me
It's really Slashdot. If it were a spoof, you wouldn't have to reload so many times
Re:Vulnerability? by Halfbaked+Plan · 2004-07-31 02:43 · Score: 1, Troll

I went to that website you link that supposedly has a demo spoof page.

I use regular plain-vanilla Mozilla and have spurned the light-duty 'Firefox' (it doesn't have a 'compose' button on the lower left of the frame, which to me is a significant bug- a 'browser' that doesn't have the built-in capability to compose web pages sounds like 'consumer-grade' crap to me. Nobody who browses the web should be without some webspace of his/her own, and the tools to easily compose said web pages. Anything else is undemocratic and borderline fascistic.)

The 'demo' page preaches at me that I 'must get firefox!'

Uh, I think I'll skip downloading and installing a piece of software just to load up a sample exploit page and exhibit it's flaws.

--
resigned
Re:I'm using Firefox... by scruffy · 2004-07-31 04:23 · Score: 0, Troll

Mozilla and Firebox are cool, but spoofing sucks, 5-year old bugs suck, and so does this color scheme.