There is a new Firefox vulnerability allows malicious code into browsers, revealing users' Google accounts. The vulnerability allows hackers to access Google accounts, including Gmail, with cross site scripting attacks.
A client or server side exploit can be inserted into zip files via open document formats from Microsoft Office 2007 and OpenOffice. According to the Web site, affected platforms range from Web mail clients, collaboration and document sharing systems and other Web 2.0 applications from large software vendors including Google and Microsoft.
While Mozilla has not issued a solution to the problem, application firewalls and proxy servers can be used to block Windows Universal Resource Identifiers (URIs) that contain the JAR protocol.
Full Story
No comments:
Post a Comment