

Mozilla / Mozilla Firefox User Interface Spoofing Vulnerability







08/01/2004 10:04 AM


“A vulnerability has been reported in Mozilla and Mozilla Firefox, allowing malicious websites to spoof the user interface. The problem is that Mozilla and Mozilla Firefox don’t restrict websites from including arbitrary, remote XUL (XML User Interface Language) files. This can be exploited to “hijack” most of the user interface (including tool bars, SSL certificate dialogs, address bar and more), thereby controlling almost anything the user sees….A PoC (Proof of Concept) exploit for Mozilla Firefox…









Similar Items


Grok Headline matches for Mozilla / Mozilla Firefox User Interface Spoofing Vulnerability

Mozilla User Interface Spoofing
Vulnerability
07/31/2004 07:22 PM
A vulnerability has been reported in Mozilla and Mozilla Firefox, allowing malicious websites to spoof the user interface. The problem is that Mozilla and Mozilla Firefox don't restrict websites from including arbitrary, remote XUL (XML User Interface Language) files. This can be exploited to "hijack" most of the user interface (including tool bars, SSL certificate dialogs, address bar and more), thereby controlling almost anything the user sees.

The Mozilla user interface is built using XUL files. A PoC (Proof of Concept) exploit for Mozilla Firefox has been published. The PoC spoofs a SSL secured PayPal website. This has been confirmed using Mozilla 1.7 for Linux, Mozilla Firefox 0.9.1 for Linux, Mozilla 1.7.1 for Windows and Mozilla Firefox 0.9.2 for Windows. Prior versions may also be affected.

View: Mozilla Bug 244965
News source: Secunia

Mozilla / Mozilla Firefox Download
Dialog Source Spoofing
01/04/2005 11:22 AM
Description: Secunia Research has discovered a vulnerability in Mozilla / Mozilla Firefox, which can be exploited by malicious people to spoof the source displayed in the Download Dialog box. The problem is that long sub-domains and paths aren’t displayed correctly, which therefore can be exploited to obfuscate what is being displayed in the source field of the Download Dialog box. The vulnerability has been confirmed in Mozilla 1.7.3 for Linux, Mozilla 1.7.5 for Windows, and…

Mozilla / Mozilla Firefox Vulnerability 09/18/2004 10:48 AM


“Software: Mozilla 0.x, Mozilla 1.0, Mozilla 1.1, Mozilla 1.2, Mozilla 1.3, Mozilla 1.4, Mozilla 1.5, Mozilla 1.6, Mozilla 1.7.x, Mozilla Firefox 0.x Description: WESTPOINT has reported a vulnerability in Mozilla / Mozilla Firefox, which potentially can be exploited by malicious people to conduct session fixation attacks. For more information: SA12341 Solution: Do not follow untrusted links.”…

Re: Mozilla Firefox Certificate Spoofing 07/27/2004 04:35 PM
Chris Brown (Jul 27 2004)

Mozilla Firefox Certificate Spoofing 07/26/2004 04:07 PM
E.Kellinis (Jul 25 2004)

Mozilla UI Spoofing Vulnerability 07/31/2004 05:32 AM

Re: [Full-Disclosure] Re: Mozilla
Firefox Certificate Spoofing
07/31/2004 05:15 PM
Juan Carlos Navea (Jul 31 2004)

Mozilla / Firefox Download Dialog Source
Spoofing
01/04/2005 11:22 AM
Secunia Advisory: SA13599 Critical: Less critical Impact: Spoofing Where: From remote Solution Status: Unpatched Software: Mozilla 1.7.x, Mozilla Firefox 1.x Secunia Research has discovered a vulnerability in Mozilla / Mozilla Firefox, which can be exploited by malicious people to spoof the source displayed in the Download Dialog box. The problem is that long sub-domains and paths aren’t displayed correctly, which therefore can be exploited to obfuscate what is being displayed in the source field of…

Customizable Mozilla/Firebird user agent
spoofing
12/03/2003 11:02 AM
If you're looking for customisable user agent spoofing, then Mozilla/Firebird makes it easy. You can get the Mozilla/Firebird plugin here; don't be fooled by the Windows screenshot -- XUL is cross platform, remember. I can c...

Fix for URL Spoofing Security
Vulnerability Checked in to Mozilla
Trunk and 1.6 Branch
01/07/2004 07:08 PM

Mozilla 1.7.1, Mozilla Firefox 0.9.2 and
Mozilla Thunderbird 0.7.2 Released
07/08/2004 08:25 PM

Review of Mozilla Firefox 0.8 from the
Perspective of a Galeon User
02/10/2004 09:15 AM

Mozilla / Firefox Memory Exposure
Vulnerability
04/04/2005 06:23 PM
Slashdot Apr 4 2005 8:57PM GMT

Mozilla / Firefox Certificate Store
Corruption Vulnerability
07/19/2004 03:17 PM


“Marcel Boesch has reported a vulnerability in Mozilla and Firefox, which can be exploited by malicious people to cause a DoS (Denial of Service).”…

Mozilla Firefox Convert Robin Bloor
Switches to Mozilla Thunderbird
04/21/2004 05:07 PM

Introduction to Mozilla Firefox and
Mozilla Thunderbird for IE and Outlook
Express Users
04/14/2005 04:08 PM

Mozilla Firefox JavaScript Engine
Information Disclosure Vulnerability
04/05/2005 01:58 AM
Secunia Advisory: SA14820 Critical: Moderately critical Impact: Exposure of system information, Exposure of sensitive information Where: From remote Solution Status: Unpatched Software: Mozilla Firefox 0.x, Mozilla Firefox 1.x A vulnerability has been discovered in Mozilla Firefox, which can be exploited by malicious people to gain knowledge of potentially sensitive information. The vulnerability is caused due to an error in the JavaScript engine, as a “lambda” replace exposes arbitrary amounts of heap memory after the end…

Gecko 1.8, Mozilla Firefox 1.1 and
Mozilla Thunderbird 1.1 Release Plans
03/31/2005 08:53 AM

Mozilla Firefox 1.1, Mozilla Thunderbird
1.1 and XULRunner Release Plans
04/09/2005 09:58 AM

French Mozilla Firefox and Mozilla
Thunderbird Book Published
06/05/2005 11:15 PM

Mozilla Firefox 0.8 and Mozilla
Thunderbird 0.5 News and Reviews
02/15/2004 03:46 AM

1.0 Branch Created for Mozilla Firefox
and Mozilla Thunderbird
05/21/2004 02:11 PM

Radicati: Mozilla Thunderbird Not as
Successful as Mozilla Firefox
04/08/2005 09:59 AM

Mozilla Firefox 1.0.3 and Mozilla 1.7.7
Coming
04/05/2005 02:28 PM

The History of Mozilla Firefox: From
Phoenix, to Firebird, to Firefox
03/31/2005 07:27 AM

Mozilla Firefox Reaches 1.0PR, Still
Named Firefox
09/14/2004 02:50 PM

Mozilla Firefox 1.0.2 03/23/2005 10:48 PM

Mozilla Firefox v0.8 02/10/2004 02:50 AM
Mozilla Firefox is a redesign of the Mozilla browser component, similar to Galeon, K-Meleon and Camino, but written using the XUL user interface language and designed to be cross-platform. [Freeware 6.19 MB]

New Firefox and Mozilla 04/17/2005 09:51 PM
TechSpot Apr 18 2005 12:53AM GMT

Mozilla Firefox 0.9 RC 06/09/2004 06:03 AM

Mozilla Firefox 0.9.3 08/04/2004 03:11 PM

Firefox 1.0.3 and Mozilla 1.7 04/16/2005 03:18 PM

Mozilla FireFox 1.0PR 09/16/2004 08:56 PM
ZDNet Sep 17 2004 0:14AM GMT

Mozilla Firefox 0.9 06/15/2004 10:38 PM
An award winning preview of next generation browsing technology from The Mozilla Foundation.

Mozilla Firefox 1.0 PR 09/16/2004 02:01 AM
A Mozilla-based browser.

A New Look At Mozilla Firefox 0.9 06/14/2004 06:07 PM

Mozilla Firefox - Ads 02/10/2004 02:50 AM
really no reason to run Internet Explorer .. firefox promotional buttons .. Mozilla Firefox ad webpage .. banner ads .. hier

mozilla.org/products/firefox/buttons.html


Firefox 1.0 Preview Release and
Thunderbird 0.8 Released - Mozilla
Foundation Adds New Features to Firefox
and Thunderbird as New Apps Near 1.0
Launch
09/14/2004 03:22 AM
The Mozilla Foundation today released the Mozilla Firefox 1.0 Preview Release web browser and Mozilla Thunderbird 0.8 email client. Mozilla Firefox 1.0 Preview Release is an innovative, secure, lightning fast web browser that is rapidly gaining global market share. Mozilla Thunderbird 0.8 is the Mozilla Foundation's next generation email client. These releases bring Firefox and Thunderbird one step closer to their much anticipated 1.0 releases, scheduled for later this fall. [PRWEB Sep 14, 2004]

Mozilla Patches Firefox Again 03/24/2005 11:38 PM
TechTree Mar 25 2005 4:16AM GMT
Grok Description matches for Mozilla / Mozilla Firefox User Interface Spoofing Vulnerability
GrokA matches for Mozilla / Mozilla Firefox User Interface Spoofing Vulnerability

Mozilla 1.6 ActiveX Control Installer
and Scriptable ActiveX Plugin for
Mozilla 1.6 Released
01/22/2004 02:39 AM

Firefox Search Plugin for Sitepoint 06/04/2004 07:06 PM
SitePoint, Australia - 8 hours ago ... search/search.php" >. DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> Install Sitepoint Search Plugin. Put that somewhere ...

Big 3 Apple, Mozilla, And Opera Form
Browser Plugin Group
06/30/2004 08:53 PM
The rash of ActiveX Microsoft IE-based exploits and viruses has prompted three traditional competitors to band together in an effort to build a new standard for plugins.

Firefox extension google preview plugin
thumbnails
07/25/2004 08:50 PM
GooglePreview website .. GooglePreview

ackroyd.de/googlepreview


BetterSearch, Firefox plugin that adds
thumbnail website previews for many
sites
02/07/2005 01:27 AM
BetterSearch

bettersearch.g-blog.net


Making Mozilla FireFox as fast as Opera 06/06/2004 11:29 AM
It's been said that Opera is the fastest browser available - and it is very, very fast. But there are ways to make Mozilla's FireFox browser render pages every bit as quickly, with just a few easy tweaks.

LCARS ActiveX Control Package 12/19/2003 01:09 PM
Official successor announced

ActiveX control download and redirection 06/15/2004 01:41 PM
Martijn Brinkers (Jun 15 2004)

MS security check requires ActiveX
control
08/09/2004 03:21 PM
i'm running the beta of SP2, and it told me visiting this page might be unsafe.

Arbitrary file overwrite possible by
Musicmatch ActiveX control
04/15/2005 03:49 PM
Posted by Hyperdose Security, Apr 15 2005

Office 2003: Adding an ActiveX Control
to a Smart Document Sample
12/03/2003 12:40 AM
Use this Visual Studio .NET sample in conjunction with the article, "Adding an ActiveX Control to a Smart Document" available on MSDN to learn how to embed a calendar control into the task pane of a smart document. This sample contains the project files and sample code for this task as well as supporting files. To use this sample, see the article, listed in the related links box.

[SNS Advisory No.72] Symantec Norton
AntiVirus 2004 ActiveX Control
Vulnerability
05/21/2004 01:00 PM
snsadv (May 20 2004)

SkySof Software Releases PDFViewer OCX -
a Powerful ActiveX Control for Software
Developers Which Allows Their
Applications to Display and Interact
With PDF Files
06/24/2005 04:28 PM
PDFViewer OCX is a powerful ActiveX component for software developers. PDFViewer OCX gives programmers full control over interacting with and displaying Adobe® Acrobat® PDF files from within their applications. [PRWEB Jun 23, 2005]

WMP9 Plugin for Opera 7.x v0.90 12/06/2003 06:41 PM

Opera vs Firefox 02/01/2005 08:40 PM
These two good articles describe how to get more out of your Firefox, Mozilla or Opera browser.

Using the Yahoo! search plugin in
Mozilla
02/19/2004 01:24 AM
Somebody was looking over my shoulder the other day as I was using the dropdown list of search plugins in Firefox (nee Firebird nee Phoenix nee Mozilla), and was surprised to see it. Which reminded me that in IE and Safari, the built-in search isn't extensible. ...

Why I prefer Opera over Firefox 12/19/2004 03:14 PM
For all my daily browsing, I prefer Opera over Firefox. Yes, I know Firefox is open-source and all that. I...

RE: IE, Firefox, Opera DoS (*not* a DoS,
not even close)
08/28/2004 02:28 AM
Steve R (Aug 26 2004)

scribe, mozilla plugin for text areas 05/17/2004 01:21 AM
i always find myself hitting "ctrl-s" when writing entries, so this is a godsend


The following phrases have been identified by the grok system as matching this entry: mybase firefox mozilla activex control v1.6 .exedownload mybase opera plugin iepatcher k-meleon firefox 1.6 activex plugin
















