Closed Bug 276234 Opened 20 years ago Closed 20 years ago

Dialog Spoofing Vulnerability

Categories

(Firefox :: General, defect)

Product:
Firefox
Component:
General
Version:
1.0 Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
VERIFIED INVALID

People

(Reporter: kelly_worth2003, Assigned: bugzilla)

References

(
URL
)

Details

Vulnerability:"Window injection Vulnerability" 

found this Vulnerability on http://secunia.com/product/4227/ 

The problem is that a website can inject content into another site's window if
the target name of the window is known. This can e.g. be exploited by a
malicious website to spoof the content of a pop-up window opened on a trusted
website. 

This Vulnerability can be eliminated by selecting the load images from
originating   website only. of course then images from a particular website such
as http://www.amazon.co.uk wouldnt load.
The url listed in this bug is Secunia's Firefox vulnerability page. Each of the
four vulnerabilities listed at the page have separate bugs in bugzilla. All
advisory pages look like http://secunia.com/advisories/ then some number not
http://secunia.com/product/ then some number.
URL: http://secunia.com/product/4227/
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago
OS: Linux → All
Hardware: PC → All
Resolution: --- → INVALID
Status: RESOLVED → VERIFIED
the correct advisory <http://secunia.com/advisories/13129/> event mentions the
bugzilla number : bug 273699

Very good work. You can visit this https://bit.ly/3hf9Onn

Thanks

You need to log in before you can comment on or make changes to this bug.