Spoofing bug found in IE 7
IE 7, released last week, allows a Web site to display a pop-up that can contain a spoofed Web address, security monitoring company Secunia said Wednesday. An attacker could exploit this weakness to trick people into believing they are on a trusted Web site when in fact they are viewing a malicious page, Secunia said in an alert.
"This makes it possible to only display a part of the address bar, which may trick users into performing certain unintended actions," Secunia said. The company has created a demonstration that shows a Microsoft Web address in the pop up window, but displays content from Secunia.
IE 7, released last week, allows a Web site to display a pop-up that can contain a spoofed Web address, security monitoring company Secunia said Wednesday. An attacker could exploit this weakness to trick people into believing they are on a trusted Web site when in fact they are viewing a malicious page, Secunia said in an alert.
"This makes it possible to only display a part of the address bar, which may trick users into performing certain unintended actions," Secunia said. The company has created a demonstration that shows a Microsoft Web address in the pop up window, but displays content from Secunia.
Labels: Security
0 Comments:
Post a Comment
<< Home