Hejsa
Har fået nedenstående sendt fra en af mine venner. Jeg véd ikke, hvor
alvorlig, man skal tage det. Det er jo før set, at Secunia Securities
har været ude med riven for at skaffe sig kunder med mere eller mindre
fine metoder, - så...... who knows??
Skulle det være tilfældet, at der er en alvorlig sikkerhedsbrist, - som
Secunia påstår, - kan jeg så til nedenstående liste yderligere tilføje
flg. browsere:
iCab X 3.0
iCab 2.9.x Classic (afprøvet ver. 2.9.7 og 2.9.8)
WaMCom X 1.3.1 (svarer til Mozilla 1.5)
WaMCom 1.3.1 Classic
Opera 5.01 Classic
Opera 6.0 classic
Opera X 6.01
Opera 8.01 Final Release, Macintosh (OS X only)
mvh. Erik Richard
-------- Original Message --------
Secunia Securities has advised of 'Dialog Origin Spoofing
Vulnerability' for the following browsers:
Safari
iCab
Internet Explorer
Internet Explorer for Mac
Mozilla/Firefox/Camino
Opera
===quote======quote======quote======quote======quote===
DESCRIPTION:
Secunia Research has discovered a vulnerability in [the browser],
which can be
exploited by malicious web sites to spoof dialog boxes.
The problem is that JavaScript dialog boxes do not display or include
their origin, which allows a new window to open e.g. a prompt dialog
box, which appears to be from a trusted site.
Successful exploitation normally requires that a user is tricked into
opening a link from a malicious web site to a trusted web site.
Secunia has constructed a test, which can be used to check if your
browser is affected by this issue:
<
http://secunia.com/multiple_browsers_dialog_origin_vulnerability_test/>
=== end
COMMENTS:
Safari - The vulnerability has been confirmed in version 2.0 (412).
Prior
versions may also be affected.
SOLUTION:
Do not browse untrusted web sites while browsing trusted sites.
iCab - The vulnerability has been confirmed in version 2.9.8. Prior
versions
may also be affected.
SOLUTION:
Do not browse untrusted web sites while browsing trusted sites.
Microsoft Internet Explorer - The vulnerability has been confirmed in
a fully updated version 6.0. Prior versions may also be affected.
SOLUTION:
Do not browse untrusted web sites while browsing trusted sites.
Internet Explorer for Mac - The vulnerability has been confirmed in
version 5.2.3. Prior versions
may also be affected.
SOLUTION:
Do not browse untrusted web sites while browsing trusted sites.
Mozilla/Firefox/Camino - The vulnerability has been confirmed in
Mozilla 1.7.8, FireFox 1.04, and Camino 0.8.4. Prior versions may
also be affected.
SOLUTION:
Do not browse untrusted web sites while browsing trusted sites.
Opera - The vulnerability has been confirmed in version 8.0. Prior
versions
may also be affected.
SOLUTION:
Update to version 8.01. <
http://www.opera.com/download/>
=====================================================
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
K.M.L. Denmark by Erik Richard S¿rensen, Member of ADC
<kmldenmark_NOSP@M_stofanet.dk>
*Music Recording, Editing & Publishing - Also Smaller Quantities
*Software - For Theological Education - And For Physically Impaired
*Nisus - The Future In Text & Mail Processing <
http://www.nisus.com>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~