All the latest UK technology news, reviews and analysis
|
|
|
07 Jan 2005
A security flaw in the increasingly popular Firefox browser is exposing millions of users to phishing scams, security experts have warned.
Jakob Balle, security specialist at Secunia Research, said that the vulnerability in Firefox and Mozilla allows malicious hackers to execute phishing scams by spoofing the source URL displayed in the browser's Download Dialog box.
"The problem is that long sub-domains and paths are not displayed correctly, which can be exploited to obfuscate what is being displayed in the source field of the Download Dialog box," he said.
A Secunia Research advisory stated that the "less critical" vulnerability has been confirmed in Mozilla 1.7.3 for Linux, Mozilla 1.7.5 for Windows, and Mozilla Firefox 1.0. It added that "other versions may also be affected".
"Currently, no solution is available. However, the vendor reports that this vulnerability will be fixed in upcoming versions of the affected products," Secunia stated.
Balle urged users not to follow download links from untrusted sources.
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Hands on with the highly anticipated Android 4.0 Ice Cream Sandwich hybrid tablet
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Leading Financial Trading Systems Brokerage / Capital...
Technical Consultant - Windows, Virtualisation, HP, Server...
The role requires an experienced Project Manager, particularly...
iPhone and iPad developer required! We are seeking...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?