Slashdot Mirror

← Back to Stories (view on slashdot.org)

Major Browsers Have JS Pop-Up Flaw

Posted by Zonk on from the security-flaws-build-character dept.

An anonymous reader writes "Secunia is warning that several popular browsers contain a vulnerability that could allow a phishing attack. 'The problem is that JavaScript dialog boxes do not display or include their origin, which allows a new window to open -- for example, a prompt dialog box -- which appears to be from a trusted site,' Secunia said. The browsers include the latest versions of IE, IE for Mac, Safari, iCab, Mozilla, Mozilla Firefox and Camino. Opera 7 and 8 are also affected but not 8.01."

12 of 397 comments (clear)

  1. It's a Buggy Life by Pike · · Score: 1, Funny

    Boy well, you just pop right up there, doncha!

  2. Re:Whew, I'm safe... by DenDave · · Score: 2, Funny

    Thank god I use Links

    --
    -if at first you don't succeed, stay the heck away from paragliding.
  3. Re:Whew, I'm safe... by Cylix · · Score: 4, Funny

    Thank god I don't browse the web!

    --
    "You should always go to other people's funerals; otherwise, they won't come to yours." -- Yogi Berra
  4. Re:Safari by Otter · · Score: 2, Funny
    It's because of the C++ code from KHTML -- if the whole thing had been done from the start in Objective C, there wouldn't be any problem.

    That's what happens when one doubts the infallible wisdom of Steve...

    --
    What I'm listening to now on Pandora...
  5. Front door... by Shotgun · · Score: 5, Funny

    My front door has a major flaw, in that con artist can walk up to it and claim they are from and officially federal agency and have an urgent need for me to help them.

    Doors from major outlets, including those of Lowe's and Home Depot, are affected by this flaw. Our investigations have determined that this flaw has been known for years, yet the major distributors have not plans to release an update to correct the problem.

    US Senator, C. Ritter has introduce legislation under the title "Omnibus Weak Nutz United", the OWN-U bill, that seeks to station a security agent to watch over every door in the case the occupants cannot determine that they are being conned.

    --
    Aah, change is good. -- Rafiki
    Yeah, but it ain't easy. -- Simba
  6. Re:Whew, I'm safe... by HoneyBunchesOfGoats · · Score: 4, Funny

    Thank god I don't own a computer!

  7. Re:Whew, I'm safe... by rainman_bc · · Score: 4, Funny

    Thank god I telnet to port 80 and parse it in my head

    --
    09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
  8. Re:Nice try, Opera... by nicomen · · Score: 2, Funny

    No problem, just download the free version: http://opera.com/download. It has a 34 pixel high banner at the top which shows contextual Google ads. And Google is still considered "good" even by Slashdot readers, no?

    --
    Nicolas Mendoza
    Prepare for MSIE 7
  9. Re:Phishing it for all it's worth by Anonymous Coward · · Score: 1, Funny

    they probably have an obsessive/compulsive, socially-maligned programmer within Secunia that just delights spending 16 hours a day trying to twist the browsers into doing what he wants.

    Do you know if they need another such programmer? I'm unemployed right now...

  10. Re:Whew, I'm safe... by packetl0ss · · Score: 3, Funny

    /me puts on a pair of shades.

  11. Lynx Rocks! by ehaggis · · Score: 2, Funny

    These security flaws do not seem to affect Lynx as often. I rarely have a new terminal "pop-up" while browsing with Lynx.

    --
    One ring to bind them - should probably have more fiber and less rings in their diet.
  12. Re:old news by jcuervo · · Score: 3, Funny
    They attack the users judgement, which unfortunately tends to be the weakest link.
    Users are idiots? The devil, you say!
    --
    Assume I was drunk when I posted this.