lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20070329233601.6327.qmail@securityfocus.com> Date: 29 Mar 2007 23:36:01 -0000 From: zonafirefox@...il.com To: bugtraq@...urityfocus.com Subject: Re: Re: Bypass phishing protection in Firefox / Opera yes, this what you comment is another different failure and i've commented it in the following article: http://www.zonafirefox.net/2007/02/nueva-falla-en-el-filtro-anti-phishing.html By the way, i think this new way to bypass the phishing protection is some dangerous. Demostrations again (look at the code): http://zonafirefox.googlepages.com/prueba2.html http://zonafirefox.googlepages.com/prueba.html Firefox 2.0.0.3, Opera 9.10 and Opera 9.2b fails. IE7 has no problems. A single IFRAME / OBJECT can bypass phishing protection. More info: http://www.zonafirefox.net/2007/03/salteando-el-filtro-antiphishing-con-un.html http://www.zonafirefox.net/2007/03/salteando-el-filtro-antiphishing-con.html