 Secunia Research has reported a vulnerability in Microsoft Internet Explorer, which can be exploited by malicious people to spoof the content of websites.
The problem is that a website can inject content into another site's window
if the target name of the window is known. This can e.g. be exploited by a malicious
website to spoof the content of a pop-up window opened on a trusted website.
Secunia has constructed a test, which can be used to check if your browser
is affected by this issue:
http://secunia.com/multiple_browsers_window_injection_vulnerability_test/
The vulnerability has been confirmed on a fully patched system with Internet
Explorer 6.0 and Microsoft Windows XP SP1/SP2.
SOFTWARE:
Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6
SOLUTION:
Do not browse untrusted sites while browsing trusted sites.
PROVIDED AND/OR DISCOVERED BY:
Secunia Research
ORIGINAL ADVISORY:
http://secunia.com/secunia_research/2004-13/advisory/
| 
Contribute :
Advanced Search :
Web Resources :
Polls :
File Repository
