Java tab spoofing vuln. in NS7.2 OS X

by Antony

SillyDog701 member Juha-Matti Laurio told us Java tab spoofing vulnerability in Netscape 7.2 in OS X

[A] vulnerability in Netscape, which can be exploited by malicious people to conduct phishing attacks.

The problem is caused due to errors in the displaying of Java applets in a window when multiple tabs are used. This can be exploited to spoof the content of a HTML document from another HTML document being in a different tab.

UPDATED
SillyDog701 has confirmed this vulnerability exist in Netscape 7.2 for OS X 10.3.5, Mozilla 1.7, Firefox 0.9.3, under both Mac OS X (Panther) 10.3.5 and OS X (Jaguar) 10.2.8.
This vulnerability does not exist in Safari 1.2.3, Camino 0.8.1.

> Please check "Java tab spoofing vulnerability in Netscape 7.2 in OS X" (SD701 Forums) for latest information.


Posted by Antony Shen on August 28, 2004 11:45 AM

more August 2004 stories or Year 2004 stories