Jump to content

Quick navigation: Deposit accounts Credit cards Brokerages Other bonuses Referral exchange



Photo
- - - - -

High Priority: Firefox, Mozilla, & IE


  • Please log in to reply
1 reply to this topic

#1 pangya88

pangya88

    Super Member

  • GoodMembers
  • 126 posts

Posted 08 June 2005 - 03:17 AM

I just tested my browsers, and they are vulnerable to the flaws.

I actually have the latest version of Internet Explorer and Firefox. This is pretty serious stuff if you bank online.

Make sure to test your browsers for the flaws.



link

Firefox Vulnerable To 7-Year-Old Bug
June 6, 2005

Mozilla's current browsers, including the popular stand-alone Firefox, are susceptible, again, to a seven-year-old vulnerability that could let attackers spoof Web sites, a security company said Monday.

According to Danish security firm Secunia, Mozilla 1.7.x and Firefox 1.x are vulnerable to a frame injection flaw that first surfaced in 1998. Hackers could exploit the bug to insert their own content into the view of a legitimate site, to, for instance, pose as the log-in frame, then collect usernames and passwords to online bank accounts.

"The flaw means that if you are viewing a trusted site in one window (PayPal or your bank) and open a site belonging to a spoofer in another window, the spoofer can insert code in the window showing the trusted site," wrote a moderator on Mozilla's online forum Monday.

Secunia rated the bug as "moderately critical," and posted an example exploit so users could test their browser for the flaw. The same vulnerability was spotted in Firefox, as well as virtually every other browser in use, almost a year ago, and fixed in a pre-release version of Firefox and in Mozilla 1.7. The new vulnerability is a slight variation of that fixed flaw.

"To protect yourself, close all other windows/tabs before accessing a site where you routinely put in a secure password (your bank or PayPal account), or your bank or credit card details (e.g. Amazon), or other sensitive data," recommended Mozilla's online moderator.

#2 keller2650

keller2650

    New Member

  • Members
  • 4 posts

Posted 11 June 2005 - 05:45 PM

QUOTE(pangya88 @ Jun 7 2005, 10:17 PM)
I just tested my browsers, and they are vulnerable to the flaws.

I actually have the latest version of Internet Explorer and Firefox.  This is pretty serious stuff if you bank online.

Make sure to test your browsers for the flaws.

     

link

Firefox Vulnerable To 7-Year-Old Bug 
June 6, 2005   
   
Mozilla's current browsers, including the popular stand-alone Firefox, are susceptible, again, to a seven-year-old vulnerability that could let attackers spoof Web sites, a security company said Monday.

According to Danish security firm Secunia, Mozilla 1.7.x and Firefox 1.x are vulnerable to a frame injection flaw that first surfaced in 1998. Hackers could exploit the bug to insert their own content into the view of a legitimate site, to, for instance, pose as the log-in frame, then collect usernames and passwords to online bank accounts.

"The flaw means that if you are viewing a trusted site in one window (PayPal or your bank) and open a site belonging to a spoofer in another window, the spoofer can insert code in the window showing the trusted site," wrote a moderator on Mozilla's online forum Monday.

Secunia rated the bug as "moderately critical," and posted an example exploit  so users could test their browser for the flaw. The same vulnerability was spotted in Firefox, as well as virtually every other browser in use, almost a year ago, and fixed in a pre-release version of Firefox and in Mozilla 1.7. The new vulnerability is a slight variation of that fixed flaw.

"To protect yourself, close all other windows/tabs before accessing a site where you routinely put in a secure password (your bank or PayPal account), or your bank or credit card details (e.g. Amazon), or other sensitive data," recommended Mozilla's online moderator.
View Post







Stats