A vulnerability in Firefox could expose users of the open-source browser to the risk of phishing scams, security experts have warned.
The flaw in Mozilla Firefox 1.0, details of which were published by security company Secunia on Tuesday, could allow hackers to spoof the URL in the download dialog box that pops up when a Firefox user tries to download an item from a Web site. This flaw is caused by the dialog box incorrectly displaying long sub-domains and paths, which can be exploited to conceal the actual source of the download.
Read more at Cnet
Bug found in Firefox - phishing fears arise
Posted on Saturday, Jan 08 2005 @ 18:24 CET by Thomas De Maesschalck