homenewsreviewscompare pricestalk
NEW TODAY:
NEWS Sony starts "Designed for Walkman" scheme    NEWS Fibre-based broadband bill could be £30 billion   NEWS Apple watchers warn of "underwhelming" event    REVIEW Samsung P500 notebook   NEWS Vertu and Boucheron team up for luxury phones   NEWS WEBSITE OF THE DAY - radiopop.co.uk                                                                           

CIS declares Firefox Password Manager unsafe

MySpace details may be compromised in unpatched flaw

NEWS: 29 January 2007 17:34 GMT by Amber Maitland

CIS is reporting today that efforts by MySpace to fix a flaw that tricks users into entering their login details in to a bogus web page have failed.

CIS said that a Reverse Cross Site Request can still be injected into a MySpace.com email message.

News of the flaw first broke on 23 November, when CIS warned Firefox 2 and IE7 users to be careful of the vulnerability, which allows attackers to get users' login details by showing them a fake login form.

This tricks Firefox Password Manager into filling in the saved details. CIS reviewed the vulnerability on 19 January, after Firefox version 2.0.0.1 was released, but the version didn't contain a fix.

CIS is therefore warning users to disable the Password Manager so that they don't fall prey to a malicious bogus webpage.

>> Read - Firefox and IE7 vulnerable to password-stealing attack


disable ad
Have Your Say
(Email address will not be published)

CIS declares Firefox Password Manager unsafe Image
Zoom/See more images

Tags


Latest in Software

NEWS WEBSITE OF THE DAY - radiopop.co.uk
NEWS VIDEO: Tech week in view 05/09/08
NEWS Weekly news roundup - 05/09/08
NEWS Daily news roundup - 05/09/08
NEWS Comment: Microsoft's Gates/Seinfeld ad bombs

Latest on Pocket-lint.co.uk

NEWS Sony starts "Designed for Walkman" scheme
NEWS Fibre-based broadband bill could be £30 billion
NEWS Apple watchers warn of "underwhelming" event
REVIEW Samsung P500 notebook
NEWS Vertu and Boucheron team up for luxury phones




Top Stories

Comment: Microsoft

NEWS
Comment: Microsoft Ad Bombs

New campaign gets panned by public and industry alike

Weekly news roundup - 05/09/08

NEWS
Weekly News Roundup

The best of the week's news in a handy roundup

Microsoft Live Office Workspace hits a million

NEWS
Microsoft Hits Million Milestone

Six month milestone for cloud computing service



Came straight to this page? Visit Pocket-lint.co.uk for all the latest news and reviews.

disable ad

Broadband?

Compare 50+ deals available to you

Powered by Top 10 Broadband

Pocket-lint.co.uk poll

Q. Would you pay a premium for a stylish laptop?

Vote YES?
Vote NO?

LAST TIME
When asked Are you addicted to the internet? 60% said yes and 40% said no



disable ad
 

Also available on

news now logo google news logo news yahoo logo

All external sites will open in a new browser. Pocket-lint.co.uk does not endorse external sites. Copyright 2003 - 2008 Pocket-Lint Ltd.

Pocket-lint sites: www.pocket-lint.co.uk | www.photographypress.co.uk | www.gamesdog.co.uk | www.megawhat.tv
disable ad