You are not registered yet. Please click here to register!
View Single Post - [Alert] Multiple Browsers Window Injection Vulnerability
Thread: [Alert] Multiple Browsers Window Injection Vulnerability
View Single Post
Old 10-12-2004, 12:03 AM   #2 (permalink)
eva2000
Administrator
eva2000's PC Specs
 
Join Date: Jul 22 2004
Location: Brisbane, Australia
Posts: 22,929
twitter.com/i4memorycom Facebook Page livestream.com/i4memorycom
Blog Entries: 42
Work Around:

For Firefox users work arounds as listed at

https://bugzilla.mozilla.org/show_bug.cgi?id=273699

and

http://mozillanews.org/?article_date...12-08+06-48-46

Workarounds

Note that, although the attack site can inject its own content, it cannot change the URL appearing in the Location Bar. Firefox and Mozilla have the ability to deny access to the Location Bar so all pop-up windows always have it. To turn on this feature:

1. Enter about:config in the Location Bar.
2. Enter dom.disable_window_open_feature.location in the filter field.
3. Right-click (Ctrl+click on Mac OS) the preference option and choose Toggle (the value should change to true).
eva2000 is offline   Reply With Quote