Mozilla Browser Address Bar Spoofing Weakness

2004-06-14T06:59:22
ID OSVDB:7007
Type osvdb
Reporter OSVDB
Modified 2004-06-14T06:59:22

Description

Vulnerability Description

Mozilla was reported to be vulnerable to an address bar spoofing vulnerability which could allow a malicious website to represent itself as a trusted website.

Technical Description

This vulnerability has been reported and verified for Microsoft Internet Explorer. Testing under Mozilla on Windows and OpenBSD has proven Mozilla to not be vulnerable. This is supported by a followup Security Mail List post.

Solution Description

No solution required.

Short Description

Mozilla was reported to be vulnerable to an address bar spoofing vulnerability which could allow a malicious website to represent itself as a trusted website.

References:

Secunia Advisory ID:11856 Mail List Post: http://marc.theaimsgroup.com/?l=full-disclosure&m=108696446516763&w=2