<body><script type="text/javascript"> function setAttributeOnload(object, attribute, val) { if(window.addEventListener) { window.addEventListener('load', function(){ object[attribute] = val; }, false); } else { window.attachEvent('onload', function(){ object[attribute] = val; }); } } </script> <div id="navbar-iframe-container"></div> <script type="text/javascript" src="https://apis.google.com/js/plusone.js"></script> <script type="text/javascript"> gapi.load("gapi.iframes:gapi.iframes.style.bubble", function() { if (gapi.iframes && gapi.iframes.getContext) { gapi.iframes.getContext().openChild({ url: 'https://www.blogger.com/navbar.g?targetBlogID\x3d5879416\x26blogName\x3dThe+J+Spotter\x26publishMode\x3dPUBLISH_MODE_BLOGSPOT\x26navbarType\x3dSILVER\x26layoutType\x3dCLASSIC\x26searchRoot\x3dhttp://jangelo.blogspot.com/search\x26blogLocale\x3den_US\x26v\x3d2\x26homepageUrl\x3dhttp://jangelo.blogspot.com/\x26vt\x3d-4550191991343502374', where: document.getElementById("navbar-iframe-container"), id: "navbar-iframe" }); } }); </script>

The J Spotter

Personal insights from the J Spot author J. Angelo Racoma
( this site has moved to http://jangelo.racoma.net )

The J Spotter » MozzillaZine: Mozilla and Other Browsers Vulnerable to Tabbed Browsing Spoofing AttackThe

MozzillaZine: Mozilla and Other Browsers Vulnerable to Tabbed Browsing Spoofing AttackThe

An excerpt from an article posted in MozillaZine on 20 October 2004:

Mozilla and Other Browsers Vulnerable to Tabbed Browsing Spoofing Attack

Wednesday October 20th, 2004

Secunia has issued an advisory regarding tabbed browsing spoofing vulnerabilities in the Mozilla series of browsers. One spoof involves persuading the user to open a link to a trusted site in a new tab and then opening a JavaScript input box that appears to come from the trusted site when it actually sends its data back to the trickster. Another flaw again requires the user to open a link to a trusted site in a new tab, though this time the spoofer uses JavaScript to continually move focus back to a form field on the malicious page without causing the active tab to change from the trusted site. This means that a user who tries to enter form data on the trusted page will instead be passing information to the attacker. Slashdot has an article about this latest spoofing flaw, which also covers other browser holes published by Secunia today. According to Secunia's original tabbed browsing vulnerability advisory, the Mozilla Foundation was informed on October 4th, sixteen days ago.

Read more here.
| Previous item: The Sassy Lawyer on the right against self-incrimi... »
| Previous item: MLQIII: The Long View : Making ends meet »
| Previous item: Pawns in a Political Chess Game (on INQ7.net's art... »
| Previous item: Joey Alarilla on Talking Points »
| Previous item: The Philippines in the Medium-Term: the benefits o... »
| Previous item: Children and round objects »
| Previous item: The Twilight of Newspapers »
| Previous item: Updates (color scheme, subscription) »
| Previous item: I/P Updates - News and Information for Intellectua... »

» Post a Comment