Firefox Browser Tabbed Browsing Errors Let Remote Users Spoof Sites and Obtain Information
Categorie: Vulnerability Posted: 2004-10-22 by ReCall Views: 486 Source: Click here
Current Rating: Not rated
Details
Description: A vulnerability was reported in the Firefox browser in the tabbed browsing feature. A remote user may be able to spoof web page functions or obtain potentially sensitive information from the target user.
Secunia Research reported that when a target user has multiple tabs open, an inactive tab can issue a dialog box that will be displayed even though the target user is currently viewing a different tab. As a result, a remote user may be able to spoof functions on the web site in the active tab.
It is also reported that a web form field in an inactive tab can gain focus. As a result, a target user that is not paying attention to the display monitor may type information into a form on the inactive tab.
