[Full-disclosure] Yet another Dialog Spoofing Vulnerability - Firefox Basic Authentication
avivra
avivra at gmail.com
Thu Jan 3 06:12:06 GMT 2008
Summary
Mozilla Firefox allows spoofing the information presented in the basic
authentication dialog box. This can allow an attacker to conduct phishing
attacks, by tricking the user to believe that the authentication dialog box
is from a trusted website.
Affected versions
Mozilla Firefox v2.0.0.11.
Prior versions and other Mozilla products may also be affected.
http://aviv.raffon.net/2008/01/02/YetAnotherDialogSpoofingFirefoxBasicAuthen
tication.aspx
Full-Disclosure is hosted and sponsored by Secunia.