Vulnerability affects all major browsers

    Date10 Aug 2009
    Posted ByAnthony Pell
    First reports of a vulnerability apparently discovered by Microsoft at the start of this year, appeared in mid June. The vulnerability could reportedly be used to carry out man-in-the-middle attacks on HTTPS connections. Mozilla classed the risk as high and released corresponding patches for its browser. It has now become clear that the vulnerability affects many other browsers. A specially prepared proxy can inject HTML and script code into the context of a secure page. This permits modification of displayed data or, in the case of cookie-based authentication, identity theft. A security advisory from SecurityFocus, modified a few days ago, now cites Chrome, Opera, Safari and Internet Explorer as being affected.
    You are not authorised to post comments.

    LinuxSecurity Poll

    Has your email account ever been pwned in a data breach?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.