/ Forside / Teknologi / Hardware / Mac / Nyhedsindlæg
Login
Glemt dit kodeord?
Brugernavn

Kodeord


Reklame
Top 10 brugere
Mac
#NavnPoint
UlrikB 4810
kipros 1675
Klaudi 1010
myg 920
pifo 907
Stouenberg 838
molokyle 830
Bille1948 815
rotw 760
10  EXTERMINA.. 750
Browser sikkerhedsbrist !?!
Fra : Erik Richard


Dato : 22-06-05 21:05

Hejsa

Har fået nedenstående sendt fra en af mine venner. Jeg véd ikke, hvor
alvorlig, man skal tage det. Det er jo før set, at Secunia Securities
har været ude med riven for at skaffe sig kunder med mere eller mindre
fine metoder, - så...... who knows??

Skulle det være tilfældet, at der er en alvorlig sikkerhedsbrist, - som
Secunia påstår, - kan jeg så til nedenstående liste yderligere tilføje
flg. browsere:

iCab X 3.0
iCab 2.9.x Classic (afprøvet ver. 2.9.7 og 2.9.8)
WaMCom X 1.3.1 (svarer til Mozilla 1.5)
WaMCom 1.3.1 Classic
Opera 5.01 Classic
Opera 6.0 classic
Opera X 6.01
Opera 8.01 Final Release, Macintosh (OS X only)

mvh. Erik Richard

-------- Original Message --------
Secunia Securities has advised of 'Dialog Origin Spoofing
Vulnerability' for the following browsers:

Safari
iCab
Internet Explorer
Internet Explorer for Mac
Mozilla/Firefox/Camino
Opera

===quote======quote======quote======quote======quote===
DESCRIPTION:
Secunia Research has discovered a vulnerability in [the browser],
which can be
exploited by malicious web sites to spoof dialog boxes.

The problem is that JavaScript dialog boxes do not display or include
their origin, which allows a new window to open e.g. a prompt dialog
box, which appears to be from a trusted site.

Successful exploitation normally requires that a user is tricked into
opening a link from a malicious web site to a trusted web site.

Secunia has constructed a test, which can be used to check if your
browser is affected by this issue:
<http://secunia.com/multiple_browsers_dialog_origin_vulnerability_test/>
=== end

COMMENTS:

Safari - The vulnerability has been confirmed in version 2.0 (412).
Prior
versions may also be affected.
SOLUTION:
Do not browse untrusted web sites while browsing trusted sites.

iCab - The vulnerability has been confirmed in version 2.9.8. Prior
versions
may also be affected.
SOLUTION:
Do not browse untrusted web sites while browsing trusted sites.

Microsoft Internet Explorer - The vulnerability has been confirmed in
a fully updated version 6.0. Prior versions may also be affected.
SOLUTION:
Do not browse untrusted web sites while browsing trusted sites.

Internet Explorer for Mac - The vulnerability has been confirmed in
version 5.2.3. Prior versions
may also be affected.
SOLUTION:
Do not browse untrusted web sites while browsing trusted sites.

Mozilla/Firefox/Camino - The vulnerability has been confirmed in
Mozilla 1.7.8, FireFox 1.04, and Camino 0.8.4. Prior versions may
also be affected.
SOLUTION:
Do not browse untrusted web sites while browsing trusted sites.

Opera - The vulnerability has been confirmed in version 8.0. Prior
versions
may also be affected.
SOLUTION:
Update to version 8.01. <http://www.opera.com/download/>
=====================================================

--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
K.M.L. Denmark by Erik Richard S¿rensen, Member of ADC
<kmldenmark_NOSP@M_stofanet.dk>
*Music Recording, Editing & Publishing - Also Smaller Quantities
*Software - For Theological Education - And For Physically Impaired
*Nisus - The Future In Text & Mail Processing <http://www.nisus.com>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


 
 
Søg
Reklame
Statistik
Spørgsmål : 177557
Tips : 31968
Nyheder : 719565
Indlæg : 6408868
Brugere : 218888

Månedens bedste
Årets bedste
Sidste års bedste