Welcome to WebProNews Breaking eBusiness and Search News
Advertise | Newsletter | Sitemap | News Feeds News Feed 
 WebProNews Search Part of the iEntry network iEntry inc. 

Gosh, What A Huge Surprise, IE, Firefox Still Spoofable

David Utter
Expert Author
Published: 2005-06-22

WebProNews RSS Feed


Our friends at Danish security research firm Secunia demonstrate how JavaScript is not your browser's friend.

A less-critical vulnerability regarding the potential for spoofing scams utilizing JavaScript has been disclosed by Secunia.

And due to the way JavaScript works, all browsers that support it, including the forthcoming Firefox 1.0.5, can be victimized by the vulnerability.

According to Secunia, JavaScript dialog boxes do not display or include their origin. A malicious site can open a dialog box while making it appear to come from a trusted site. Secunia recommends that users not browse trusted and untrusted sites at the same time.

The exploit would require a person to first visit a malicious site, the sort that a phishing e-mail would deliver as a link. After going to the bad site, a user would be redirected to a legitimate site, either by clicking a link or simple redirection.

But the bogus site would then toss up a JavaScript dialog box, and anything the user enters there would be captured by the fake web site.

For users of tabbed browsing, like that in Firefox or the new MSN toolbar service for Internet Explorer, users who have to work with a bank or credit card site, or when making an online purchase, should only have a tab open for that site.

Mac users shouldn't ignore this warning. Safari browsers also can be vulnerable to this issue, since it is specific to JavaScript and not a particular operating system.

Secunia has previously discussed this vulnerability.




Receive Our Daily Email of Breaking eBusiness News

About the Author:
David Utter is a staff writer for WebProNews covering technology and business. Email him here.

WebProNews RSS Feed

More Articles

Contact WebProNews
Advertisement





TOP NEWS

Targeted Information for Business
WebProNews is part of the iEntry network
Internet Business: Marketing: Small Business:
WebProNews MarketingNewz SmallBusinessNewz
WebProWorld AdvertisingDay PromoteNews
EcommNewz SalesNewz EntrepreneurNewz

Software: Search Engines: Web Design:
WebMasterFree Jayde B2B DesignNewz
NetworkingFiles SearchZA FlashNewz
SecurityConfig SearchNewz WebSiteNotes

Developer: IT Management: Security:
DevWebPro ITManagement SecurityProNews
DevNewz SysAdminNews SecurityConfig
TheDevWeb NetworkingFiles NetworkNewz
The iEntry Network consists of over 100 web publications reaching millions of Internet Professionals. Contact us to advertise.
eBUSINESS RESOURCES






 Advertise | Contact Us | Corporate | Newsletter | Sitemap | Submit an Article | News Feeds
 WebProNews is an iEntry, Inc. ® publication - $line) { echo $line ; } ?> All Rights Reserved
About WebProNews
WebProNews is the number one source for eBusiness News. Over 5 million eBusiness professionals read WebProNews and other iEntry business and tech publications.

WebProNews provides real-time coverage of internet business.

Free Email Newsletters:
WebProNews SearchNewz
WebProWorld DevWebPro
Marketing SecurityNews
Plus over 100 other newsletters!

Send me relevant info on products and services.


WebProWorld
Ten most recent posts.

NetworkingFiles
Featured Software

WebProNews in the News
View all recent mentions of WebProNews from around the world!

Recent Articles On ...
Google eBusiness
Yahoo Ask Jeeves
MSN Blogs
Search Engines Blogging
Affiliate Programs Marketing
eCommerce Advertising
eBay Sun Microsystems
AOL Adsense
Microsoft Adwords
Oracle IBM
Amazon Apple
SEM Mac
SEO iPod
Adsense XBox
PR Adobe



iEntry.com WebProWorld RSS Feed WebProWorld Contact WebProNews Print Version Email a friend Bookmark us