Browser Venerability

Secunia has reported a Windows Injection Venerability, which allows insecure web sites to hijack other secure web sites by exploiting named pop-up windows. This venerability affects most browsers, including Internet Explorer 6 on Windows XP SP2, Mozilla Firefox, Opera and Netscape. Secunia’s web site has details on how to check if your browser is affected. So far the only solution available is to not browse insecure sites whilst a secure site is in session.

2 thoughts on “Browser Venerability

  1. http://

    Looks like for the "bad" site to do its job it has to be the one to open up the "trusted" site in order to get the window name. So just don’t visit trusted sites from untrusted sites.
    <br>But then I don’t seem to be vulnerable going by the proof of concept.

Comments are closed.