· Outpost 10F · Forums · Reply · Statistics · Search ·

Outpost 10F Forums / Archived Topics / Firefox, and IE vulnerability

Author

Message

norrisa Member

# Posted: 24 Nov 2006 14:20 Reply  A reverse cross-site request, or RCSR, flaw lets hackers compromise users' passwords and usernames by sending them a fake login form. The form information is then sent to an attacker's computer without the user's knowledge. This exploit has already been used on MySpace.com, and it could affect anyone using a blog or forum that allows user-defined HTML code to be added. Firefox and Internet Explorer users need to be aware that their information can be stolen in this way when visiting blog and forums, ect… at trusted addresses. Attacks are more likely to succeed in Firefox because Internet Explorer will not automatically fill in saved usernames and passwords, unless the RCSR form appears on the same page as a legitimate login form. Firefox users are currently being told to disable the "Remember passwords for sites" option in Firefox preferences.

Your reply

... Disable smileys

» Username  » Password  Only registered users can post here. Please enter your login/password details before posting a message.

General Chatter OTF News Star Trek Discussions Star Wars Discussions LOTR/Fantasy Discussions Game of Thrones Discussions Television Discussions ISA Intelligence Celebration Corner Gossip Corner OTF Library OTF v3 Ideas Valentine's Day Auction Trivia Gaming Simming Archived Topics Sandbox

Page loading time (secs): 0.016 Online now: Guests - 3 Members - 0 Most users ever online: 215 [30 Aug 2017 14:12] Guests - 215 / Members - 0 Powered by: miniBB™ © 2001-2024