Web forgery overwrite with div overlay

2008-02-07T00:00:00
ID MFSA2008-11
Type mozilla
Reporter Mozilla Foundation
Modified 2008-02-07T00:00:00

Description

Security researchers Emil Ljungdahl and Lars-Olof Moilanen demonstrated that, in cases where the entire contents of a page are enclosed in a <div> with absolute positioning, a web forgery warning dialog won't be displayed unless the user switches tabs away-from then back-to the forgery page.