Computer Security

Mozilla Firefox dialog spoofing
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Mozilla Firefox dialog spoofing
Published:09.12.2009
Source:BUGTRAQ
SecurityVulns ID:10449
Type:client
Level:4/10
Description:It's possible to spoof form URL.
CVE:CVE-2009-4130 (Visual truncation vulnerability in the MakeScriptDialogTitle function in nsGlobalWindow.cpp in Mozilla Firefox allows remote attackers to spoof the origin domain name of a script via a long name.)
 CVE-2009-4129 (Race condition in Mozilla Firefox allows remote attackers to produce a JavaScript message with a spoofed domain association by writing the message in between the document request and document load for a web page in a different domain.)
Original documentdocumenttcphttp, Mozilla Firefox JavaScript Prompt Spoofing Weakness (09.12.2009)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server