gfxgfx
 
Please login or register.

Login with username, password and session length
 
gfx gfx
gfx
76793 Posts in 13502 Topics by 1651 Members - Latest Member: Arnold99 October 13, 2024, 07:03:45 am
*
gfx*gfx
gfx
WinMX World :: Forum  |  Discussion  |  WinMx World News  |  New Firefox iFrame Bug Bypasses URL Protections
gfx
gfxgfx
 

Author Topic: New Firefox iFrame Bug Bypasses URL Protections  (Read 542 times)

0 Members and 1 Guest are viewing this topic.

Offline p2p rules

  • Forum Member
New Firefox iFrame Bug Bypasses URL Protections
« on: August 18, 2010, 04:40:01 am »
Quote
There is a newly discovered vulnerability in Mozilla’s flagship Firefox browser that could enable an attacker to trick a user into providing his login credentials for a given site by using an obfuscated URL. In most cases, Firefox will display an alert when a URL has been obfuscated, but by using an iFrame, an attacker can evade this layer of protection, possibly leading to a compromise of the user’s sensitive information. The problem of URL obfuscation is not a new one, and neither is it novel for attackers to use iFrames as an infection vector for visitors to a compromised Web site. Web-based attacks have been employing various forms of URL obfuscation for years now, and iFrames are a favorite of attackers because of their ability to perform malicious actions in the background of a victim’s Web session. The new bug in Firefox could allow an attacker to combine these two techniques to prevent the browser from warning the victim that a URL has been modified, removing a key protection mechanism from the equation.
threatpost.com
bugzilla.mozilla.org

WinMX World :: Forum  |  Discussion  |  WinMx World News  |  New Firefox iFrame Bug Bypasses URL Protections
 

gfxgfx
gfx
©2005-2024 WinMXWorld.com. All Rights Reserved.
SMF 2.0.19 | SMF © 2021, Simple Machines | Terms and Policies
Page created in 0.011 seconds with 22 queries.
Helios Multi © Bloc
gfx
Powered by MySQL Powered by PHP Valid XHTML 1.0! Valid CSS!