Skip to navigation

PCPro-Computing in the Real World Printed from www.pcpro.co.uk

Register to receive our regular email newsletter at http://www.pcpro.co.uk/registration.

The newsletter contains links to our latest PC news, product reviews, features and how-to guides, plus special offers and competitions.

Latest News

Phishing vulnerability identified in Mozilla

Posted on 14 Jun 2004 at 17:09

A security vulnerability has been discovered in the Windows versions of the Mozilla and Firefox Web browsers.

A Secunia Advisory 11856 says, 'A weakness has been reported in Mozilla, allowing malicious people to conduct phishing attacks. The weakness is caused due to an error within the handling of URLs. This can be exploited to potentially trick users into supplying sensitive information to a malicious web site, because information displayed in the address bar can be constructed in a certain way, which may lead users to believe that they're visiting another web site than the displayed web site.'

The flaw can only be exploited if a malicious site's domain supports wildcard DNS and accepts invalid values in the 'Host:' header.

The vulnerability has been confirmed in Mozilla 1.6 and 1.7rc3 and Firefox 0.8 and 0.9rc for Windows. Other versions may also be affected. It is rated 'less critical'.

Secunia advises that users of these browsers do not follow links from untrusted sources and input URLs manually in the address bar.

Author: Simon Aughton

Be the first to comment this article

You need to Login or Register to comment.

(optional)

advertisement

Most Commented News Stories
Latest Blog Posts Subscribe to our RSS Feeds
Latest Reviews Subscribe to our RSS Feeds
Latest Real World Computing

advertisement

Sponsored Links
 
SEARCH
SIGN UP

Your email:

Your password:

remember me

advertisement


Hitwise Top 10 Website 2008