Tuesday, December 02, 2008   
  Search   
 
 
Register  Login  
Forums  
     Minimize  

Welcome to MeraWindows forums.

Thank you for being at the Microsoft Windows Community Site. You may have to register before posting in forums. It's absolutely free. After registering, you can get all the benefits available to our registered members, you can access our Downloads section, you can participate in contests, etc. You can post in forums in English as well as in Hindi, in fact we encourage you to use Hindi in your posts. If you have any problem with registration or login, please contact us.
     
  


 
  Microsoft Windows Forums  News & Feedback  Latest News  Firefox and IE vulnerable to fake login pages
Previous Previous
 
Next Next
New Post 11/24/2006 7:05 AM
User is offline Srinath Sadda
1230 posts
www.meraTechExplorer.com
MW Addict




Firefox and IE vulnerable to fake login pages 
Mozilla's Firefox 2 and Microsoft's Internet Explorer 7 are vulnerable to a flaw that could allow attackers to steal passwords.

Dubbed a reverse cross-site request, or RCSR, vulnerability by its discoverer, Robert Chapin, the flaw lets hackers compromise users' passwords and usernames by presenting them with a fake login form. Firefox Password Manager will automatically enter any saved passwords and usernames into the form.

The data is then automatically sent to an attacker's computer without the user's knowledge, according to the Chapin Information Services site.

An exploit for this flaw has already been seen on social-networking site MySpace.com, and it could affect anyone using a blog or forum that allows user-generated HTML code to be added, according to Chapin.

"Users of both Firefox and Internet Explorer need to be aware that their information can be stolen in this way when visiting blog and forum Web sites at trusted addresses," Chapin said.

According to security company Netcraft, which discovered the exploit being used on MySpace, a fraudulent login page was hosted on the company's own servers.

View: News.com
 
New Post 11/25/2006 11:24 PM
User is offline Srinath Sadda
1230 posts
www.meraTechExplorer.com
MW Addict




Re: Firefox and IE vulnerable to fake login pages 

Critical Firefox hole allows password theft


Vulnerability lies in browser's Password Manager software

View : http://www.computerworld.com
 
 Page 1 of 1
Previous Previous
 
Next Next
  Microsoft Windows Forums  News & Feedback  Latest News  Firefox and IE vulnerable to fake login pages


   Get Your Own E-Mail Account @MeraWindows.com Minimize  
New Page 1 New Page 1
Show your cool quotient with @merawindows.com email account
     
  
 
 
Terms Of Use   Privacy Statement  
© 2008 MeraWindows.com