Rob Garrett - Blogs
Welcome to Rob Garrett - Blogs Sign in | Join | Help
in Search
Google
Home Blogs Gadgets Advertisements

Software/Technology Discussion

Software and Technology Tid-bits

Browser Venerability

http://secunia.com/multiple_browsers_window_injection_vulnerability_test/

Secunia has reported a Windows Injection Venerability, which allows insecure web sites to hijack other secure web sites by exploiting named pop-up windows. This venerability affects most browsers, including Internet Explorer 6 on Windows XP SP2, Mozilla Firefox, Opera and Netscape. Secunia's web site has details on how to check if your browser is affected. So far the only solution available is to not browse insecure sites whilst a secure site is in session.

Share this post: Email it! | bookmark it! | digg it! | reddit!
Published Thursday, December 09, 2004 9:31 AM by Rob Garrett

Comment Notification

If you would like to receive an email when updates are made to this post, please register here

Subscribe to this post's comments using RSS

Comments

 

Eli Allen said:

Looks like for the "bad" site to do its job it has to be the one to open up the "trusted" site in order to get the window name. So just don't visit trusted sites from untrusted sites.

But then I don't seem to be vulnerable going by the proof of concept.
December 9, 2004 9:48 AM
 

Eli Allen said:

Ignore my previous comment. Be careful about trusting all popups
December 9, 2004 6:03 PM

Leave a Comment

(required) 
(optional)
(required) 
Submit

Blurb


Head Shot
Rob Garrett is a British Expat living in Maryland USA. Rob is a trained software engineer and experienced in Windows .NET development.

Rob enjoys listening to Rock music, posting to blogs, driving in the country with the sunroof open, beer (not in conjunction with country driving) and spending time with his family.

This Blog

Recent Posts

Syndication

Archives
Rob Garrett © 2007
Powered by Community Server, by Telligent Systems