<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Full Disclosure: Yet another Dialog Spoofing Vulnerability - Firefox Basic Authentication

Yet another Dialog Spoofing Vulnerability - Firefox Basic Authentication

From: avivra <avivra_at_gmail.com>
Date: Thu, 3 Jan 2008 08:12:06 +0200

Summary
Mozilla Firefox allows spoofing the information presented in the basic
authentication dialog box. This can allow an attacker to conduct phishing
attacks, by tricking the user to believe that the authentication dialog box
is from a trusted website.

Affected versions
Mozilla Firefox v2.0.0.11.
Prior versions and other Mozilla products may also be affected.

http://aviv.raffon.net/2008/01/02/YetAnotherDialogSpoofingFirefoxBasicAuthen
tication.aspx

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Received on Jan 02 2008

This message: [ Message body ]
Next message: Michal Zalewski: "Re: Yet another Dialog Spoofing Vulnerability - Firefox Basic Authentication"
Previous message: scott: "Re: Critical Vulnerability in [Full-Disclosure]"
Next in thread: Michal Zalewski: "Re: Yet another Dialog Spoofing Vulnerability - Firefox Basic Authentication"
Reply: Michal Zalewski: "Re: Yet another Dialog Spoofing Vulnerability - Firefox Basic Authentication"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]