|
Mozilla And Firefox Vulnerable To Old Frame Injection Trick
By David Utter
Staff Writer
Article Date: 2005-06-06
Something old is new again. Reports by Danish security firm Secunia indicate both Mozilla and Firefox browsers are susceptible to a flaw first discovered in 1998.
A malicious coder could use the vulnerability to spoof a legitimate web site, and gather personal information from users tricked into visiting and interacting with the spoofed site.
Secunia rates the flaw as moderately critical, and confirms it exists in Firefox 1.0.4 and Mozilla 1.7.8. Mozilla has recommended users close all other tabs in the window before visiting a site where personal information will be entered.
Mozilla has been very quick to deal with security issues as they have arisen. Users should visit the Mozilla web site for updates on the flaw and for a patch when it becomes available.
Last month, Mozilla had to quickly fix three significant security flaws discovered during Mother's Day weekend.
It appears the growing popularity of Firefox has placed it into the sights of more malicious attackers. Users who have moved from Microsoft's Internet Explorer to Firefox are starting to find security problems following them to the new browser.
Browser security is an industry problem, not just a problem of manufacturers, as a member of the IE team at Microsoft observed online.
More information on Secunia's findings, including a link where a user may test their Firefox or Mozilla browser for the vulnerability, may be found online.
About the Author:
David Utter is a staff writer for WebProNews covering technology and business.
|
|
