Welcome to p2pnet.net - The original daily p2p and digital news site. Always First!
REGISTER | LOGIN
Cool Stuff
MPAA News
Games / Consoles
News
Music
Movies
Reviews
Open Source
Mobiles
Advertising
Products
P2P
Off Topic
Freedom
Politics
Interviews
Security
DRM
Links
Kids and Kartels
Scroogle Search: 
Search
 
Web p2pnet   
   Search: 
Search
Torrent Site Tracker
    Sponsored by
Frostwire
 
p2pnet
 


mp3rocket
 
Add real-time p2pnet headlines to YOUR site ! Click here to download our newsfeed code

Tabbed browser flaws

p2pnet.net News:- Tabbed browsers such as Firefox and Opera are open to spoofing attacks.

"Inactive tabs can launch dialog boxes so they appear to be displayed by a web site in another tab," says Secunia. "This can be exploited by a malicious web site to show a dialog box, which seems to originate from a trusted web site.

"Inactive tabs can gain focus from form fields on web sites in another tab. This can potentially be exploited to collect sensitive data entered in form fields on other web sites.

"Successful exploitation would normally require that a user is tricked into opening a link from a malicious web site to a trusted web site in a new tab."

Affected browsers include:

Go to the site for your browser for tests.

Secunia rates the Firefox flaw as "Less critical" and the Opera flaw as "Moderately critical".

Opera says the flaw will be fixed in Opera 7.60.

What to do?

Until patches are issued, don’t visit trusted web sites while visiting untrusted web sites, or disable JavaScript, advises Secunia.

===================

See:-

spoofing attacks6 Secunia Security Advisories, Secunia, October 21, 2004

This entry was posted on Thursday, October 21st, 2004 at 3:08 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

HOME

Viewed 1765 times

« previous San Andreas on p2p nets
‘Everyone has to eat’ next »

4 Responses to “Tabbed browser flaws”

  1. Reader's Write Says:
    October 21st, 2004 at 9:23 pm

    And they said Internet Explorer was insecure!?!

  2. Reader's Write Says:
    October 21st, 2004 at 10:04 pm

    Dude, this is still a minor flaw – not like the fake address bar thing in IE.

  3. Reader's Write Says:
    October 22nd, 2004 at 1:25 am

    I never liked or used tabs anyway.
    I prefer to have all applications at the same place on the bottom.

    If you don’t use tabs the originating web site is correct (in the test).

  4. Reader's Write Says:
    October 24th, 2004 at 4:21 am

    What if you have the spoofstick extension for Firefox 1.0pr? Does that extension help root out spoofed sights from this flaw?

Leave a Reply

ONLY items referencing the post at hand, please. No links to personal sites, no personal attacks, trolling, freebie advertising, or off-topic posts. Thanks. And Cheers!

    Sponsored by
tek savvy