Seven year old flaw found in Firefox

Posted on Tuesday, June 07 2005 @ 0:57 CEST by Thomas De Maesschalck

Security firm Secunia writes all Mozilla 1.7.x and Firefox 1.x browsers are vulnerable to a frame injection flaw that was first discovered seven years ago in 1998. The flaw allows malicious users to insert their own content into the view of trusted, legitimate sites:

"The flaw means that if you are viewing a trusted site in one window (PayPal or your bank) and open a site belonging to a spoofer in another window, the spoofer can insert code in the window showing the trusted site," wrote a moderator on Mozilla's online forum Monday.

The same vulnerability was discovered almost a year ago in virtually every browser available on the market, but a slight variation of the fixed flaw is still present in Mozilla's browsers. More details at InformationWeek

About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

Loading Comments

Share this story!