Technology news and Jobs 
Information Technology News Firefox authentication spoofing vulnerability
Information Technology News Firefox authentication spoofing vulnerability | Firefox authentication spoofing vulnerability |
|
|
|
| Written by Stephen Withers | |
| Monday, 07 January 2008 | |
|
Aviv Raff, who brought the problem to light, says possible exploits include links to "trusted website" such as banks, PayPal or webmail services, coupled with scripting to redirect the newly opened window to the attacker's server. Other browsers, such as Internet Explorer and Opera display the data in a format that makes it more obvious that the information came from a site other than the one from which it purports to originate. "Until Mozilla fixes this vulnerability, I recommend not to provide username and password to web sites which show this dialog," says Raff. According to the Mozilla Security Blog, "Mozilla is currently investigating this issue and has assigned it an initial security severity rating of low."
Get stories like this delivered daily - FREE - subscribe now When you subscribe get a 12 months license for LiveProject Valued at $99 USD  Download the FREE iTWire desktop alert widget
  |
Tags
| Next > |
|---|
Subscribe to iTWire's daily e-newsletter now and get a FREE 12 month license to project management software valued at $99 USD. 
