Tuesday, June 07, 2005

Spoofing flaw resurfaces in Mozilla browsers | CNET News.com

This is the latest advisory from Secunia:
"A 7-year-old flaw that could let an attacker place malicious content on trusted Web sites has resurfaced in the most recent Firefox browser, Secunia has warned."
I couldn't reproduce the flaw on my machine because I have set a tab-browsing option on my machine for Firefox. This setting doesn't allow clicking a link to open a new window unless I specifically right click on the link and choose "Open Link in New Window". The preference can be turned on like so: Tools->Options->Tabs->Force links that open new windows to open in->a new tab.

This doesn't take away from the fact that this flaw should be fixed and the Mozilla source should be scrubbed for more flaws like this one.

No comments:

Post a Comment