Slashdot Mirror

← Back to Stories (view on slashdot.org)

Spoofing Flaw Resurfaces in Mozilla Browsers

Posted by Zonk on Tuesday June 7, 2005 @02:23AM from the going-back-in-time dept.

GregThePaladin writes "A 7-year-old flaw that could let an attacker place malicious content on trusted Web sites has resurfaced in the most recent Firefox browser, Secunia has warned. The flaw, which also affects some other Mozilla Foundation programs, lies in the way the software handles frames. The applications don't check whether the frames displayed in a single window all originate from the same Web site." Commentary on this at whitedust as well.

1 of 258 comments (clear)

Min score:

Reason:

Sort:

what about tabs? by farker+haiku · 2005-06-07 02:27 · Score: 5, Interesting

from TFA:
For a spoofing attempt to work, a surfer would need to have both the attacker's Web site and a trusted Web site open in different windows.

So, uh, what about tabs? 'Cause I never have 2 windows open at the same time.

--
Your sig(k) has been stolen. There is a puff of smoke!