web browsers -- window injection vulnerabilities
Description:
A Secunia Research advisory reports:
Secunia Research has reported a vulnerability in multiple browsers,
which can be exploited by malicious people to spoof the content of
websites.
The problem is that a website can inject content into another site's
window if the target name of the window is known. This can e.g. be
exploited by a malicious website to spoof the content of a pop-up window
opened on a trusted website.
Secunia has constructed a test, which can be used to check if your
browser is affected by this issue:
http://secunia.com/multiple_browsers_window_injection_vulnerability_test/
A workaround for Mozilla-based browsers is available.
http://www.freebsd.org/ports/portaudit/b0911985-6e2a-11d9-9557-000a95bc6fae.html
--
Conrad J. Sabatier <[EMAIL PROTECTED]> -- "In Unix veritas"
_______________________________________________
Support mailing list
[email protected]
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:[EMAIL PROTECTED]
