Pranjal Posted November 23, 2006 Share Posted November 23, 2006 Mozilla's Firefox 2 and Microsoft's Internet Explorer 7 are vulnerable to a flaw that could allow attackers to steal passwords. Dubbed a reverse cross-site request, or RCSR, vulnerability by its discoverer, Robert Chapin, the flaw lets hackers compromise users' passwords and usernames by presenting them with a fake login form. Firefox Password Manager will automatically enter any saved passwords and usernames into the form. The data is then automatically sent to an attacker's computer without the user's knowledge, according to the Chapin Information Services site. An exploit for this flaw has already been seen on social-networking site MySpace.com, and it could affect anyone using a blog or forum that allows user-generated HTML code to be added, according to Chapin. Full report: http://news.com.com/2100-1002_3-6137844.html Link to comment Share on other sites More sharing options...
Edmachine Posted November 23, 2006 Share Posted November 23, 2006 This is bad! My passwords are endangered! I hope they fix this soon, or I'll unleash a nuclear strike at both of them . We will be the arms that lift you up We will be the hand that strike you down Link to comment Share on other sites More sharing options...
Svip Posted November 23, 2006 Share Posted November 23, 2006 This is bad! My passwords are endangered! I hope they fix this soon, or I'll unleash a nuclear strike at both of them . Stop playing so much DEFCON! Any ways, it does not seem to be an issue in Firefox 3.0 (still in Alpha). So I suspect they know how to fix it. Link to comment Share on other sites More sharing options...
Edmachine Posted November 23, 2006 Share Posted November 23, 2006 This is bad! My passwords are endangered! I hope they fix this soon, or I'll unleash a nuclear strike at both of them . Stop playing so much DEFCON! Any ways, it does not seem to be an issue in Firefox 3.0 (still in Alpha). So I suspect they know how to fix it. I don't have and I don't know what is is. Is it cool? Can I nuke someone there? We will be the arms that lift you up We will be the hand that strike you down Link to comment Share on other sites More sharing options...
Svip Posted November 23, 2006 Share Posted November 23, 2006 This is bad! My passwords are endangered! I hope they fix this soon, or I'll unleash a nuclear strike at both of them . Stop playing so much DEFCON! Any ways, it does not seem to be an issue in Firefox 3.0 (still in Alpha). So I suspect they know how to fix it. I don't have and I don't know what is is. Is it cool? Can I nuke someone there? DEFCON *is* about nuking! So yes. You nuke your opponent's civilian population. everybody-dies.com Sorry for the off-topic. Link to comment Share on other sites More sharing options...
matthew1g Posted November 23, 2006 Share Posted November 23, 2006 Gets the hell on opera Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now