Detection of vulnerabilities in Firefox browser
Security experts have discovered a flaw in the Firefox browser, potentially allowing hackers to steal user information on websites that allow users to create separate sites, such as MySpace.com. .
The vulnerability lies in password management software - Firefox's Password Manager, which can be controlled to send password information to an attacker's website. To exploit successfully, hackers need to create an HTML form on blogs or social networks.
This method was used in MySpace phishing attacks last October. In particular, users who register for MySpace accounts are easily tricked into accessing fake log-in pages. This page will send password information and MySpace username to another website. In particular, if users use Firefox, the ability to exploit the vulnerability is very likely to occur.
Firefox developers rated the vulnerability at "extremely dangerous" level, affecting all current versions of Firefox.
According to security experts, IE is likely to be affected by this type of attack, because like Firefox, this browser does not guarantee that the password information is being sent to the same server. it requires. But IE is less affected by the browser, but it also does some checking of the log-in forms before automatically sending passwords and user information.
- Two new vulnerabilities were discovered in Firefox
- Firefox 'patch', IE again
- What's new in Firefox 1.5?
- Change the look for Firefox
- Acoo browser: mesmerizing web browser
- Mozilla Firefox browser is exploited
- Firefox 2.0 is delayed until October
- Mozilla tested the new Firefox browser
- Mozilla accelerates Firefox 3
- Mozilla patches Firefox
- Mozilla tested Firefox 3.0
- Firefox 21 times safer than IE?