Secunia Reports Another IE7 Flaw
Ericka Chickowski writes on SC Magazine Online:
Secunia today reported a new vulnerability in Internet Explorer 7 (IE7) that can be exploited to conduct phishing attacks.More here.
The vulnerability reporting firm said that an anonymous tip lead them to the vulnerability, which allows the browser to display a popup with a spoofed address bar that has special characters appended to the URL. The vulnerability makes it possible to only display a part of the address bar, which could potentially fool users into believing in the pop-up's credibility.
The hole is listed as a "Less Critical" vulnerability by Secunia, which has a demonstration of the vulnerability on its site. According to Thomas Kristensen of Secunia, it might be possible for the vigilant user to spot something that isn't quite right when a pop-up occurs but he is worried about the danger to average users.
posted by Fergie @ 10/25/2006 11:00:00 AM
0 Comments:
Post a Comment
<< Home