Vulnerablility discovered in how Firefox handles bookmarks
Posted by Suresh on 22 February, 2007
No comments yet
Michal Zalewski has discovered an interesting vulnerability in how Firefox handles bookmarks.
It is relatively easy to trick a casual user into bookmarking a window that does not point to any physical location, but rather, is an inline data: URL scheme otherwise convincingly pretending to be a “tangible” webpage.
When the bookmark is later clicked, javascript [...]
