Outline · [ Standard ] · Linear+ Security Flaw found in Popular Browsers, including Firefox, Opera etc.

[Messenger]

A newly discovered security flaw in popular browsers including Firefox and Opera could be exploited by hackers to carry out phishing scams, security experts have warned.

Security services company Secunia issued an advisory detailing the issue, which allows for spoofing of web addresses. The flaw could be exploited by a malicious website to spoof the URL displayed in the address bar, SSL certificate and status bar.

The problem is due to an unintended result of the International Domain Name implementation, which allows the use of international characters in domain names, the company said.

This can be exploited by registering domain names with certain international characters that resemble other commonly used characters, causing the user to believe that they are on a trusted site.

Secunia stressed that users should not follow links from untrusted sources, and should manually type the URL in the address bar. The flaw has been confirmed in the following browsers:

Mozilla 1.7.5
Firefox 1.0
Opera 7.54u1 and 7.54u2
Konqueror 3.2.2
Netscape 7.2
Safari 1.2.4 (v125.1).

Secunia warned that other versions may also be affected. The company has constructed a test to check whether your browser is affected by this issue, which is available here.


Source: http://www.vnunet.com/news/1161104

[Pikaporeon]

The irony here is that IE isnt effected as it doesnt have the ability to view everything -_-

[lokal]

IE is vulnerable if you have the IDN plugin; tho not many people do I'd think.