Slashdot Mirror

← Back to Stories (view on slashdot.org)

Major Browsers Have JS Pop-Up Flaw

Posted by Zonk on from the security-flaws-build-character dept.

An anonymous reader writes "Secunia is warning that several popular browsers contain a vulnerability that could allow a phishing attack. 'The problem is that JavaScript dialog boxes do not display or include their origin, which allows a new window to open -- for example, a prompt dialog box -- which appears to be from a trusted site,' Secunia said. The browsers include the latest versions of IE, IE for Mac, Safari, iCab, Mozilla, Mozilla Firefox and Camino. Opera 7 and 8 are also affected but not 8.01."

8 of 397 comments (clear)

  1. Let's see... by Jlunix · · Score: 0, Troll

    How long takes to fix the free browsers...

    1. Re:Let's see... by hostyle · · Score: 0, Troll

      Lets see how much longer it takes to fix the non-free browsers ... (this is an old story / dupe BTW)

      --
      Caesar si viveret, ad remum dareris.
    2. Re:Let's see... by wallykeyster · · Score: 1, Troll
      How long takes to fix the free browsers...

      Firefox has been working on it and Opera fixed it. Microsoft says they aren't going to fix it since it is a "feature". Even better, Microsoft's answer is for users to install XP SP2 and make sure the firewall is enabled. Beautiful...

    3. Re:Let's see... by hostyle · · Score: 0, Troll

      free as in speech or beer?

      --
      Caesar si viveret, ad remum dareris.
  2. hello by Masa1991 · · Score: 0, Troll

    Everybody hates popups!

  3. Re:Safari by Slashcrap · · Score: 0, Troll

    Have you ever used Objective-C? It's the SLOWEST compiled environment ever! And, because there's no garbage collection, etc, it's certainly no more secure than "raw" C (because all of C is legal in Objective-C). In many cases, Objective C is slower than Java becasue of it's "run-time" binding.

    Please don't confront Mac zealots with facts. I find it to be an extremely cruel and unnecessary practice.

    Kind of like kicking puppies or telling small children that Santa Claus doesn't exist.

    And it's not as if you're likely to accomplish anything.

  4. Nice try, Opera... by kryptx · · Score: 0, Troll

    ...but I'm still not going to buy your browser.

    --
    Mods: Do you disagree with me? Go ahead and mod me down. Meta-mods will sort it out. Good luck!
  5. One question: by hacker · · Score: 0, Troll

    What's a popup? I haven't seen a single browser popup in at least 3 years now with any of my browsers.