lists.openwall.net   lists  /  announce  john-users  owl-users  popa3d-users  /  xvendor  oss-security  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4 
Open Source and information security mailing list archives
 
This website is powered by Openwall GNU/*/Linux security-enhanced OS
[<prev] [next>] [thread-next>] [month] [year] [list] 
Date: Thu, 3 Jan 2008 08:12:06 +0200
From: "avivra" <avivra@...il.com>
To: <bugtraq@...urityfocus.com>,
	<full-disclosure@...ts.grok.org.uk>
Subject: Yet another Dialog Spoofing Vulnerability -
	Firefox Basic Authentication

Summary
Mozilla Firefox allows spoofing the information presented in the basic
authentication dialog box. This can allow an attacker to conduct phishing
attacks, by tricking the user to believe that the authentication dialog box
is from a trusted website.

Affected versions
Mozilla Firefox v2.0.0.11. 
Prior versions and other Mozilla products may also be affected.

http://aviv.raffon.net/2008/01/02/YetAnotherDialogSpoofingFirefoxBasicAuthen
tication.aspx


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux