Mozilla / Mozilla Firefox Download Dialog Source Spoofing

Tuesday, January 4th, 2005
by Jeff Partridge

Description:
Secunia Research has discovered a vulnerability in Mozilla / Mozilla Firefox, which can be exploited by malicious people to spoof the source displayed in the Download Dialog box.

The problem is that long sub-domains and paths aren’t displayed correctly, which therefore can be exploited to obfuscate what is being displayed in the source field of the Download Dialog box.

The vulnerability has been confirmed in Mozilla 1.7.3 for Linux, Mozilla 1.7.5 for Windows, and Mozilla Firefox 1.0. Other versions may also be affected.

What Do You Think?

Want to Start a Blog Here for Free?

Are you an expert in one subject or another? If your goal is to help others and dispense hard-earned information back to the community, stake a claim on your very own Lockergnome blog today! You can write about anything - no matter the topic. Sign-up to start blogging!

Internet, Security - Jul 23, 2008

Security Flaws In Online Banking Sites Found To Be Widespread

Carbon Dioxide Laser Resurfacing May Reduce Wrinkles
Wednesday, July 23, 2008
Closing The Hydrogen Economic Loop
Wednesday, July 23, 2008
Saharan Dust Storms Sustain Life In Atlantic Ocean
Tuesday, July 22, 2008
iTunes Allows Radiologists To Save, Sort, And Search Files
Tuesday, July 22, 2008
An ID For Alzheimer’s?
Tuesday, July 22, 2008

Energy - Jul 21, 2008

Hydrogen Vehicles Making Impressive Progress

Reclaimed Wastewater Benefits Florida’s Citrus Orchards
Monday, July 21, 2008
Researchers Discover A Gene That Regulates And Blocks Ovulation
Monday, July 21, 2008
UCSB Researcher Leads Worldwide Study On Marine Fossil Diversity
Friday, July 18, 2008
Draft Security Pub Looks At Cell Phones, PDAs
Friday, July 18, 2008
Retina Transplants Show Promise In Patients With Retinal Degeneration
Friday, July 18, 2008

Environment - Jul 15, 2008

Water: The Forgotten Crisis

Molecular Motor Works By Detecting Minute Changes In Force
Tuesday, July 15, 2008
Polished To Perfection
Tuesday, July 15, 2008
Always At Your Service
Monday, July 14, 2008
Gender, Time Of Day Affect Response To Vaccination
Monday, July 14, 2008
Can Microorganisms Be A Solution To The World’s Energy Problems?
Monday, July 14, 2008

Science - Jul 11, 2008

Early Earthquake Warning: New Tools Show Promise

10 People Killed By New CJD-Like Disease
Friday, July 11, 2008
Want To Fly? Don’t Copy The Birds And The Bees
Friday, July 11, 2008
Nanotechnology Oversight: An Agenda For The New Administration
Thursday, July 10, 2008
Aerosol Toxins From Red Tides May Cause Long-Term Health Threat
Thursday, July 10, 2008
Special Horseshoes Measure Acceleration In Horses
Thursday, July 10, 2008

Mozilla / Mozilla Firefox Download Dialog Source Spoofing

Tags

Categories

What Do You Think?

Want to Start a Blog Here for Free?

Internet, Security - Jul 23, 2008

Security Flaws In Online Banking Sites Found To Be Widespread

Energy - Jul 21, 2008

Hydrogen Vehicles Making Impressive Progress

Environment - Jul 15, 2008

Water: The Forgotten Crisis

Science - Jul 11, 2008

Early Earthquake Warning: New Tools Show Promise

What else is new in Tech News Watch?

Saharan Dust Storms Sustain Life In Atlantic Ocean

iTunes Allows Radiologists To Save, Sort, And Search Files

An ID For Alzheimer’s?

Hydrogen Vehicles Making Impressive Progress

Reclaimed Wastewater Benefits Florida’s Citrus Orchards

Random Posts From the Archives

IRS Again Delays Modernized Taxpayer Database">IRS Again Delays Modernized Taxpayer Database

AMD Opteron processors to bring in the customers">AMD Opteron processors to bring in the customers

G5 Developer Specs">G5 Developer Specs

it’s all about the Gigabitz">it’s all about the Gigabitz

Book by celebrated outlaw hacker describes tricks of the trade">Book by celebrated outlaw hacker describes tricks of the trade

Further Reading

Tags

Categories

What Do You Think?

Want to Start a Blog Here for Free?

Internet, Security - Jul 23, 2008

Energy - Jul 21, 2008

Environment - Jul 15, 2008

Science - Jul 11, 2008

What else is new in Tech News Watch?

Random Posts From the Archives

IRS Again Delays Modernized Taxpayer Database">IRS Again Delays Modernized Taxpayer Database

AMD Opteron processors to bring in the customers">AMD Opteron processors to bring in the customers

G5 Developer Specs">G5 Developer Specs

it’s all about the Gigabitz">it’s all about the Gigabitz

Book by celebrated outlaw hacker describes tricks of the trade">Book by celebrated outlaw hacker describes tricks of the trade