“A European security vendor warned Wednesday that most browsers sport a bug that hackers can exploit to spoof a Web site and trick users into trusting bogus pop-up windows.
The vulnerability, which Danish security firm Secunia rated as "moderately critical" is similar to previous bugs in browsers that was disclosed in July and September of 2004. Attackers could use it to add content into a trusted Web site's window by, for instance, inserting a fake form in a pop-up window seemingly opened by that site.
Affected browsers, said Secunia, include the popular Internet Explorer and the up-and-coming Firefox, as well as third-tier alternatives like Mozilla, Opera, Apple's Safari, and the open-source Konqueror.
IE 5.01, 5.5, and 6.x are vulnerable, claimed Secunia, and the "vulnerability has been confirmed on a fully patched system with Microsoft Windows XP SP1/SP2."
Secunia has posted a test that users can run to determine if their browser's got the bug”http://www.crn.com/sections/breakingnews/dailyarchives.jhtml?articleId=55300447
Posts
No comments:
Post a Comment