Kandu.dk - Browser sikkerhedsbrist !?!


/ Forside / Teknologi / Hardware / Mac / Nyhedsindlæg

Glemt dit kodeord?

Brugernavn*

Kodeord *

Husk mig

Brugerservice

Kom godt i gang

Bliv medlem

Seneste indlæg

Find en bruger

Stil et spørgsmål

Skriv et tip

Fortæl en ven

Pointsystemet

Kontakt Kandu.dk

Emnevisning

Kategorier

Alfabetisk

Karriere

Interesser

Teknologi

Reklame

Top 10 brugere

Mac

#	Navn	Point
1	UlrikB	4810
2	kipros	1675
3	Klaudi	1010
4	myg	920
5	pifo	907
6	Stouenberg	838
7	molokyle	830
8	Bille1948	815
9	rotw	760
10	EXTERMINA..	750

Browser sikkerhedsbrist !?!
Fra : Erik Richard

Dato : 22-06-05 21:05

Hejsa

Har fået nedenstående sendt fra en af mine venner. Jeg véd ikke, hvor
alvorlig, man skal tage det. Det er jo før set, at Secunia Securities
har været ude med riven for at skaffe sig kunder med mere eller mindre
fine metoder, - så...... who knows??

Skulle det være tilfældet, at der er en alvorlig sikkerhedsbrist, - som
Secunia påstår, - kan jeg så til nedenstående liste yderligere tilføje
flg. browsere:

iCab X 3.0
iCab 2.9.x Classic (afprøvet ver. 2.9.7 og 2.9.8)
WaMCom X 1.3.1 (svarer til Mozilla 1.5)
WaMCom 1.3.1 Classic
Opera 5.01 Classic
Opera 6.0 classic
Opera X 6.01
Opera 8.01 Final Release, Macintosh (OS X only)

mvh. Erik Richard

-------- Original Message --------
Secunia Securities has advised of 'Dialog Origin Spoofing
Vulnerability' for the following browsers:

Safari
iCab
Internet Explorer
Internet Explorer for Mac
Mozilla/Firefox/Camino
Opera

===quote======quote======quote======quote======quote===
DESCRIPTION:
Secunia Research has discovered a vulnerability in [the browser],
which can be
exploited by malicious web sites to spoof dialog boxes.

The problem is that JavaScript dialog boxes do not display or include
their origin, which allows a new window to open e.g. a prompt dialog
box, which appears to be from a trusted site.

Successful exploitation normally requires that a user is tricked into
opening a link from a malicious web site to a trusted web site.

Secunia has constructed a test, which can be used to check if your
browser is affected by this issue:
<http://secunia.com/multiple_browsers_dialog_origin_vulnerability_test/>
=== end

COMMENTS:

Safari - The vulnerability has been confirmed in version 2.0 (412).
Prior
versions may also be affected.
SOLUTION:
Do not browse untrusted web sites while browsing trusted sites.

iCab - The vulnerability has been confirmed in version 2.9.8. Prior
versions
may also be affected.
SOLUTION:
Do not browse untrusted web sites while browsing trusted sites.

Microsoft Internet Explorer - The vulnerability has been confirmed in
a fully updated version 6.0. Prior versions may also be affected.
SOLUTION:
Do not browse untrusted web sites while browsing trusted sites.

Internet Explorer for Mac - The vulnerability has been confirmed in
version 5.2.3. Prior versions
may also be affected.
SOLUTION:
Do not browse untrusted web sites while browsing trusted sites.

Mozilla/Firefox/Camino - The vulnerability has been confirmed in
Mozilla 1.7.8, FireFox 1.04, and Camino 0.8.4. Prior versions may
also be affected.
SOLUTION:
Do not browse untrusted web sites while browsing trusted sites.

Opera - The vulnerability has been confirmed in version 8.0. Prior
versions
may also be affected.
SOLUTION:
Update to version 8.01. <http://www.opera.com/download/>
=====================================================

--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
K.M.L. Denmark by Erik Richard S¿rensen, Member of ADC
<kmldenmark_NOSP@M_stofanet.dk>
*Music Recording, Editing & Publishing - Also Smaller Quantities
*Software - For Theological Education - And For Physically Impaired
*Nisus - The Future In Text & Mail Processing <http://www.nisus.com>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Søg

Reklame

Statistik

Spørgsmål :	177508
Tips :	31968
Nyheder :	719565
Indlæg :	6408575
Brugere :	218887

Månedens bedste

Årets bedste

Sidste års bedste