New Firefox iFrame Bug Bypasses URL Protections

Trailrunner7 writes "There is a newly discovered vulnerability in Mozilla's flagship Firefox browser that could enable an attacker to trick a user into providing his login credentials for a given site by using an obfuscated URL. In most cases, Firefox will display an alert when a URL has been obfuscated, but by using an iFrame, an attacker can evade this layer of protection, possibly leading to a compromise of the user's sensitive information."

Sigh...

[Anonymous Coward]

When will people finally migrate away from Windows, IE and all the security flaws?

Wait a sec...

Re:Once again, kids

[PolygamousRanchKid]

...ignore the temptation to smack that bear (or whatever flash ads are doing nowadays)

I think the expression that you are looking for is spank that monkey.

Re:Once again, kids

[Anonymous Coward]

30,000th person today who has been told they are the one millionth visitor

Hmmmm ... I like those odds.

This does not affect my Firefox version

[rshxd]

I run a Mac and Macs are clearly immune from this because we do not get hacked nor get viruses. Brb, downloading this .pdf someone just sent me. I don't know who they are but I think I won some kind of lottery

Re:Once again, kids

[jbarr]

You're the 30,000th person today who has been told they are the one millionth visitor.

Cool! What do I win?!?

Re:iFrame?

[WrongSizeGlass]

iFrames are commonly used to iNfect websites. iT's not always put there by the web designer.

Re:iFrame?

[Anonymous Coward]

iFrames are commonly used to iNfect websites.

And you don't have to be an iNstein to discover that.