IE Flaw Exposes Users To Spoof-Based Attacks

Sotos wrote to mention a C|Net article discussing a new spoof-based attack on Internet Explorer. From the article: " The problem lies in the way Microsoft has implemented a JavaScript component in its Web browser, security researcher Amit Klein wrote in a research document. Internet Explorer does not validate some data fields provided by a PC when the component, called XmlHttpRequest, is used, he wrote. The vulnerability could be exploited with specially crafted code. An attacker could spoof a legitimate Web site, access data from the Web browser's cache or stage a so-called man-in-the-middle attack, which taps into traffic between a user and another Web site, according to Klein's write-up. " Secunia has an alert up on the spoof.

What about

[temojen]

Same-source policy? Couldn't this only be used to attack the server that the script came from?

How awful is the IE codebase?

[CyricZ]

After recently working with the Mozilla codebase, I'm surprised that flaws aren't found more often. To be honest, it's a very complex beast. Perhaps overly complex. The worst part, however, is the outdated documentation. It displays the sort of attributes that often lead to bugs and security flaws.

Now, what really interests me is in how horrible the quality of the Internet Explorer code must be for it to run into so many problems. Considering how unappealing Mozilla was, I can't even begin to imagine how absolutely terrible the IE codebase is.

Perhaps somebody with experience with both could, assuming NDAs don't get in the way, describe how the quality of the two codebases compare.