Internet Explorer and Firefox suffers from a new zero day flaw

AddThis Feed Button

June 8th, 2006 Leave a comment Visited 22 times, 1 so far today

Internet Explorer and Firefox suffers from a new zero day flaw

More security flaws have been discovered. This time it affects both Internet Explorer and Mozilla Firefox web browsers.

Security organizations have warned that users of IE and Mozilla applications (Firefox, Seamonkey, Mozilla Suite) are vulnerable to a JavaScript bug that could allow a determined attacker to dupe users into giving up sensitive personal information.

Since the problem is related to the JavaScript engine, it affects the browsers on all the platforms. Symantec said in a statement on this bug: “This issue is triggered by utilizing JavaScript ‘OnKeyDown’ events to capture and duplicate keystrokes from users.”

It added: “Exploiting this issue requires that users manually type the full path of files that attackers wish to download…[and] may require substantial typing from targeted users, so keyboard-based games, blogs, or other similar pages are likely to be utilized by attackers to entice users to enter the required keyboard input to exploit this issue.”

Secunia has ranked this bug as “less critical” as the bug requires a lot of user interactivity to work.


Tags , , ,
Author Somanshu   Category: News

« Microsoft removes PC-to-PC Sync from Windows Vista
Microsoft Windows Vista Beta 2 in Public Beta now »


TechWhack on Facebook

This website uses IntenseDebate comments, but they are not currently loaded because either your browser doesn't support JavaScript, or they didn't load fast enough.

One Comment

  1. #
    sirdarckcat
    June 18th, 2006 at 05:58 am

    The exploit of this bug can be found here:

    http://www.securityfocus.com/archive/82/436876/30/0/threaded
    http://foro.elhacker.net/index.php?topic=126383.msg590990

    Greetings!!

    Reply to this comment

Leave a Comment

Related Posts

  • No related posts

Popular Posts

blank