Get a Pentest and security assessment of your IT network.

Cyber Security

New Firefox Flaw Enables URL Spoofing, Code Injection

Security researcher Michal Zalewski has identified a problem with the way that Mozilla Firefox handles links that are opened in a new browser window or tab. The vulnerability, which Mozilla has fixed in the upcoming version 3.6.4 of Firefox, has the effect of tricking users into thinking that they re visiting a legitimate site while instead sending arbitrary attacker-controlled code to their browsers. The harder way is to use an URL that legitimately returns HTTP 204; the easier way is simply call window.stop().

Source: https://threatpost.com/new-firefox-flaw-enables-url-spoofing-code-injection-062210/74138/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation