Language Selection

English French German Italian Portuguese Spanish

Spoofing flaw resurfaces in Mozilla browsers

Filed under
Security

A 7-year-old flaw that could let an attacker place malicious content on trusted Web sites has resurfaced in the most recent Firefox browser, Secunia has warned.

The flaw, which also affects some other Mozilla Foundation programs, lies in the way the software handles frames, which are a way of showing Web content in separate parts of the browser window. The applications don't check whether the frames displayed in a single window all originate from the same Web site, Secunia said in an advisory on Monday. Firefox 1.x, Mozilla 1.7.x and Camino 0.x versions are vulnerable to the flaw, the security monitoring company said.

As a result, an attacker could insert content into a frame on a trusted Web site, Secunia said. Account holders who believe they are interacting with a frame belonging to an online bank could be tricked into giving up personal information or downloading malicious code, for example. Secunia rated the issue "moderately critical."

The same "frame injection" vulnerability in Mozilla's browsers was detailed by Secunia in July of last year. At the time, it did not affect the most recent versions of the applications.

For a spoofing attempt to work, a surfer would need to have both the attacker's Web site and a trusted Web site open in different windows. A click on a link on the malicious site would then display the attacker's content in a frame on the trusted Web site, Secunia said. The company advised people not to visit trusted and untrusted Web sites at the same time.

The Mozilla Foundation is investigating the Secunia report, a representative for the organization said.

The vulnerability has not been exploited, a moderator of a support forum on the Mozilla Web site wrote Monday, in response to the Secunia alert.

For protection, the moderator advises people to close all other windows and tabs before accessing a Web site such as a bank or online store that requires them to type in personal data.

With its initial release last fall, Firefox has demonstrated that the mature Web browser market dominated by Microsoft's Internet Explorer can be shaken up. IE has begun to see its market share dip slightly--a first in a number of years.

Source.

Secunia Advisory.

More in Tux Machines

Antivirus Live CD 12.0 Has Been Released, Promises to Protect Computers Against Viruses

Zbigniew Konojacki, the creator of the 4MLinux series of distributions, has announced recently the immediate availability for download of Antivirus Live CD 12.0, an open source distribution that provides users with a live Linux computing environment built around the popular ClamAV (Clam AntiVirus) virus scanner. Read more

Ubuntu Phone Jailbreak Now Available, Third-Party App Store Created

Believe it or not, Ubuntu Phones can be jailbroken too, sort of. In a recent blog post, Ubuntu Touch OS developer Michael Zanetti explains how he managed to create a third-part App Store for the Ubuntu Touch mobile operating system that will allow some open doors for power users and developers who want to explore the platform beyond what’s offered to the normal user. Read more

Take A Look At These Good Residence Safety Tips

Most individuals know dwelling security is important, however many people don't understand it. It's greatest to do more analysis on home security and be taught about the totally different programs available. Maintain studying for great tips on house safety.

If you utilize a social media site akin to Facebook it may be tempting to inform everyone that you are planning to go away or are already away. Strive your finest to not put up about being away until you might be back, especially in case your web site shouldn't be private. You by no means know who may very properly be watching and see it as a possibility to interrupt in.

Do not depart your garage doors open, even in case you are presently home. Burglars will try to get in by approach of the garage, and whether it is open, they can simply break by means of the door to your home. Use a keypad that requires a mixture to permit access into your house.

You ought to just bear in mind to have a very good lock on any doorways to the outside. Deadbolts can really provide that further home security that you simply need. Deadbolts cannot be jimmied open as easily as an ordinary knob lock. A door that's not safe is an open invitation for trouble. Go Here

Do not record your full name within the cellphone e book or in your mail box. This may give possible intruders numerous details about you and allow them break into your home loads easier. Instead, only list your final identify and probably your first preliminary, that is a lot safer.

Make positive to rent a house safety company with a good reputation in your community. Test references with your folks and neighbors, in addition to establishments like the Better Business Bureau. Discovering a company with a very good repute is essential since you wish to make sure your company will stand behind their security plan and promises.

One of the most important areas of concern with reference to dwelling security is the landscaping of your home. Do not let your bushes and other landscaping grow to the place it will probably hide entry points into your home. Thieves just love to have the ability to stay hidden while they enter and go away your personal home, so preserve your bushes trimmed.

When people come to your door unexpectedly, ask who's there before you open the door. Even if you dwell in a neighborhood that does not have a excessive crime price, it's still a good idea to be careful. If the particular person on the opposite side is hesitant about replying, never open the door.

If you are planning on happening trip, you have to hire someone to look after your home. Savvy thieves know what to look for when scouting out houses to rob. Uncut grass, newspapers piled up on the doorstep and unshoveled snow on the facet stroll are all signs that a home-owner is away on vacation.

Doing easy issues like putting up a fence, a "large canine" signal or a peephole in the door will help immensely with defending you and your family. Don't take a chance in phrases of your family. Keep in mind the ideas in this article so you can really feel protected and secure.

Swiss mull law change to allow sharing open source

Switzerland’s statutory law might be changed to allow federal public administrations to publish their software as open source, reports the Swiss Parliamentary Group on Digital Sustainability. The Federal Council (Upper House) is to consider if changes to the law are needed, upon request by the National Council (Lower House). Read more