You are here: Known Vulnerabilities in Mozilla Products (Firefox 2.0.0.12) > MFSA 2008-11

Mozilla Foundation Security Advisory 2008-11

Title: Web forgery overwrite with div overlay
Impact: Low
Announced: February 7, 2008
Reporter: Emil Ljungdahl, Lars-Olof Moilanen
Products: Firefox

Fixed in: Firefox 2.0.0.12

Description

Security researchers Emil Ljungdahl and Lars-Olof Moilanen demonstrated that, in cases where the entire contents of a page are enclosed in a <div> with absolute positioning, a web forgery warning dialog won't be displayed unless the user switches tabs away-from then back-to the forgery page.

References