MozTW 討論區
https://forum.moztw.org/

Java tab spoofing vuln. in Netscape 7.2 OS X
https://forum.moztw.org/viewtopic.php?f=5&t=2935
1 頁 (共 1 頁)

發表人:  ants [ 2004-08-28, 09:43 ]
文章主題 :  Java tab spoofing vuln. in Netscape 7.2 OS X

According to http://secunia.com/advisories/12392/ ,
引言回覆:
[A] vulnerability in Netscape, which can be exploited by malicious people to conduct phishing attacks.

The problem is caused due to errors in the displaying of Java applets in a window when multiple tabs are used. This can be exploited to spoof the content of a HTML document from another HTML document being in a different tab.


I've just verified this vulnerability in Netscape 7.2 under Mac OS X 10.3.5.

A page loading with the test page Juha-Matti sent me.
圖檔

And a new tab, You can see the the Java applets are available in a complete unrelated tab.
圖檔

This vulnerability does not exist in Safari 1.2.3 or Camino 0.8.1 .
However, this vulnerability exist in Mozilla 1.7 (for Mac OS X) as well.

1 頁 (共 1 頁) 所有顯示的時間為 UTC + 8 小時
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/