Commie Pinko Dirtbag
(1000+ posts)
Send PM |
Profile |
Ignore
|
Tue Jul-13-04 02:17 PM
Original message |
Internet Explorer tetrafecta! |
|
http://secunia.com/advisories/12048/1) It is possible to redirect a function to another function with the same name, which allows a malicious website to access the function without the normal security restrictions.(...)
2) Malicious sites can trick users into performing actions like drag'n'drop or click on a resource without their knowledge. An example has been provided, which allows sites to add links to "Favorites". However, resources need not be links and the destination could be different than "Favorites".(...)
3) It is possible to inject arbitrary script code into Channel links in Favorites, which will be executed when the Channel is added. The script code is executed in Local Security Zone context.(...)
4) It is possible to place arbitrary content above any other window and dialog box using the "Window.createPopup()" function. This can be exploited to "alter" the appearance of dialog boxes and other windows.(...) Get. Firefox. Now.
|
Commie Pinko Dirtbag
(1000+ posts)
Send PM |
Profile |
Ignore
|
Tue Jul-13-04 04:13 PM
Response to Original message |
cheezus
(1000+ posts)
Send PM |
Profile |
Ignore
|
Tue Jul-13-04 04:15 PM
Response to Reply #1 |
2. you may need a more alarming title |
DU
AdBot (1000+ posts) |
Thu Apr 25th 2024, 09:31 PM
Response to Original message |