Spoofing vulnerability in Firefox
A design error in the Firefox browser can allow phishers to conceal the true origins of a web page from the user. This could be used to place extremely deceptively genuine looking web pages from organisations such as banks, eBay, PayPal and other providers on the web (spoofing). Browser security specialist Michal Zalewski has provided a demonstration web page to enable interested users to understand the problem. The demo works with Firefox 1.5 and 2.0.
- Firefox about:blank spoofing demos, description and demo of the vulnerability from Michal Zalewski