Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Firefox iFrame Bug Bypasses URL Protections

Posted by CmdrTaco on from the is-nothing-safe-any-more dept.

Trailrunner7 writes "There is a newly discovered vulnerability in Mozilla's flagship Firefox browser that could enable an attacker to trick a user into providing his login credentials for a given site by using an obfuscated URL. In most cases, Firefox will display an alert when a URL has been obfuscated, but by using an iFrame, an attacker can evade this layer of protection, possibly leading to a compromise of the user's sensitive information."

1 of 118 comments (clear)

  1. Once again, kids by Pojut · · Score: 4, Insightful

    Never click on a URL within an email to take you to a website...always go directly to the website yourself.

    Also, use some common sense. You're the 30,000th person today who has been told they are the one millionth visitor...ignore the temptation to smack that bear (or whatever flash ads are doing nowadays)

    --
    Living With a Nerd