Get a Pentest and security assessment of your IT network.

News

New Firefox Flaw Enables URL Spoofing, Code Injection

Security researcher Michal Zalewski has identified a problem with the way that Mozilla Firefox handles links that are opened in a new browser window or tab. The vulnerability, which Mozilla has fixed in the upcoming version 3.6.4 of Firefox, has the effect of tricking users into thinking that they re visiting a legitimate site while instead sending arbitrary attacker-controlled code to their browsers. The harder way is to use an URL that legitimately returns HTTP 204; the easier way is simply call window.stop().

Source: https://threatpost.com/new-firefox-flaw-enables-url-spoofing-code-injection-062210/74138/

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

Vulnerabilities In Alibaba threatens security of million users

News

Russian cybercriminal Roman Seleznev gets another prison sentence