[Secunia] - opening link from malicious site in new tab can be used to spoof dialog box & steal info from it.

VERIFIED DUPLICATE of bug 262887

Status

()

Core
Security
VERIFIED DUPLICATE of bug 262887
13 years ago
13 years ago

People

(Reporter: Patrick, Assigned: dveditz)

Tracking

Trunk
x86
Windows XP
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(URL)

(Reporter)

Description

13 years ago
Inactive tabs can launch dialog boxes so they appear to be displayed by a web
site in another tab. This can be exploited by a malicious web site to show a
dialog box, which seems to originate from a trusted web site. Successful
exploitation would normally require that a user is tricked into opening a link
from a malicious web site to a trusted web site in a new tab.
(Reporter)

Comment 1

13 years ago
Darn summary got screwed up.

I'm not sure if this was posted yet, but it didn't show up in Bugzilla
Summary: box by Sse → [Secunia] - opening link from malicious site in new tab can be used to spoof dialog box & steal info from it.
(Reporter)

Comment 2

13 years ago
bug 124750?
(Assignee)

Comment 3

13 years ago
bug 124750 is the second part of it, but I'll dupe this to the meta bug.

*** This bug has been marked as a duplicate of 262887 ***
Status: NEW → RESOLVED
Last Resolved: 13 years ago
Resolution: --- → DUPLICATE
(Assignee)

Updated

13 years ago
Group: security
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.