• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Mozilla Suite/Firefox HTTP Authentication Dialogs Tab Focus Vulnerability

Mozilla Suite and Mozilla Firefox are reported prone to a vulnerability that may result in the loss of authentication credentials. It is reported that HTTP authentication dialogs do not remain focused for the tab that invoked the dialog, rather the dialog focuses over the active tab.

A remote attacker may potentially exploit this condition to aid in phishing attacks.

This vulnerability is reported to affect Firefox versions prior to version 1.0.1 and Mozilla Suite versions prior to version 1.7.6.

Netscape 7.2 is reportedly vulnerable to this issue as well. It is also possible that other versions of Netscape are affected.

K-Meleon 0.9 is affected by this vulnerability as well. Other versions could also be vulnerable.