Closed Bug 264943 Opened 20 years ago Closed 20 years ago

Potential spoofing via frame(set)

Categories

(Core :: Security, defect)

x86
Windows 2000
defect
Not set
critical

VERIFIED DUPLICATE of bug 265123

People

(Reporter: mcsmurf, Assigned: dveditz)

Details

In IE recently a security bug was discovered that when you set
javascript:document.write("<iframe src='http://www.heisec.de' width='100%'
height='100%'></iframe>"); as homepage, visit for example http://www.mozilla.org
and go to your Homepage, it still displays http://www.mozilla.org as URL, but in
reality you're on www.heisec.de. For Mozilla the same applies, you just need
another URL javascript:document.write('<frameset><frame 
src="http://www.heisec.de" width="100%" height="100%"></frameset>')
If you then execute javascript:document.close() after it, it would close the
non-visible mozilla.org. I'm not sure if this is such a critical bug that it needs
fixing.
Same applies for current FF nightlies => Confirming.
Severity: normal → critical
Status: UNCONFIRMED → NEW
Ever confirmed: true
The page is still mozilla.org, since that's what wrote out the frameset.  I'm
not sure what makes you think "but in reality you're on www.heisec.de".

*** This bug has been marked as a duplicate of 265123 ***
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → DUPLICATE
v.
Status: RESOLVED → VERIFIED