Mozilla Foundation Security Advisory 2009-44
Title: Location bar and SSL indicator spoofing via window.open on invalid URL. Impact: Moderate. Announced: August 3, 2009. Reporter: Juan Pablo Lopez Yacubian. Products: Firefox. Fixed in: Firefox 3.5.2, Firefox 3.0.13. Description: Security researcher Juan...
Design/Logic Flaw
Mozilla Firefox before 3.0.13, and 3.5.x before 3.5.2, allows remote attackers to spoof the address bar, and possibly conduct phishing attacks, via a crafted web page that calls window.open with an invalid character in the URL, makes document.write calls to the resulting object, and then calls th...
CVE-2009-2654
Mozilla Firefox before 3.0.13, and 3.5.x before 3.5.2, allows remote attackers to spoof the address bar, and possibly conduct phishing attacks, via a crafted web page that calls window.open with an invalid character in the URL, makes document.write calls to the resulting object, and then calls th...
Location bar and SSL indicator spoofing via window.open() on invalid URL — Mozilla
Security researcher Juan Pablo Lopez Yacubian reported that an attacker could call window.open on an invalid URL which looks similar to a legitimate URL and then use document.write to place content within the new document, appearing to have come from the spoofed location. Additionally, if the...
Hardcoded credentials
Google Chrome 0.2.149.29 and 0.2.149.30 allows remote attackers to cause a denial of service (memory consumption) via an HTML document containing a carriage return ("\r\n\r\n") argument to the window.open function...
googsaf-dos.txt
Google Chrome and Safari for windows Window.open & alert DoS reported here = http://code.google.com/p/chromium/issues/detail?id=2966 Product Version : 0.2.149.30 2200 URLs if applicable : Other browsers tested: Add OK or FAIL after other browsers where you have tested this issue: Safari 3.1.2: FA...
Cross site scripting
Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple Safari before 3.1, allows remote attackers to inject arbitrary web script or HTML by using the window.open function to change the security context of a web page...
CVE-2008-1006
Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple Safari before 3.1, allows remote attackers to inject arbitrary web script or HTML by using the window.open function to change the security context of a web page...
CVE-2004-2491
CVE-2004-2491 describes a race condition in Opera 7.53 Build 3850 that causes the address bar to be filled before the page is loaded, enabling remote attackers to spoof the URL via window.open and location.replace and potentially facilitate phishing. Affected product: Opera Web Browser 7.53 Build...
Microsoft Internet Explorer 4/5 / Outlook 98 - 'window.open' Redirect
Microsoft Internet Explorer 4.0 for Windows 95/Windows NT 3/Windows NT 4, Internet Explorer 5.0 for Windows 95/Windows 98/Windows NT 4, Outlook 98 0 window.open Redirect Vulnerability. Source: https://www.securityfocus.com/bid/766/info If window.open is called with a target URL that redirects to a...