Computer Security

Opera / Firefox anti-phishing protection bypass
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Opera / Firefox anti-phishing protection bypass
Published:28.03.2007
Source:BUGTRAQ
SecurityVulns ID:7482
Type:client
Level:4/10
Description:Phishing sites embedded into IFRAME are not detected.
Affected:MOZILLA : Firefox 2.0
 OPERA : Opera 9.10
CVE:CVE-2007-1737 (Opera 9.10 does not check URLs embedded in (1) object or (2) iframe HTML tags against the phishing site blacklist, which allows remote attackers to bypass phishing protection.)
 CVE-2007-1736 (Mozilla Firefox 2.0.0.3 does not check URLs embedded in (1) object or (2) iframe HTML tags against the phishing site blacklist, which allows remote attackers to bypass phishing protection.)
Original documentdocumentzonafirefox_(at)_gmail.com, Bypass phishing protection in Firefox / Opera (28.03.2007)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru