Reading time: less than 1 minute
Security expert Michal Zalewski discovered four new defects in popular browsers Internet Explorer and Mozilla Firefox. Segundo o site BetaNews, the four vulnerabilities, two are assigned to the Mozilla Foundation program and two to the Microsoft browser. One of the most serious cracks in IE is (either version 6, as in the new version 7) and allows, through JavaScript code, that cookies, information stored by online systems and websites, be stolen or set.
Besides that, imperfection taken as criticism also opens the door for other dangerous techniques such as page hijacking, where a hacker can create a fraudulent page that redirects web surfers to malicious sites; and errors in memory.
The most serious problem encountered in Firefox would be the possibility of using iframes to cross-site attacks, that would give hackers the chance to install keyloggers or other malicious code in a legítimo.Considerado serious site, a similar bug was discovered in 2006 and although the Mozilla Foundation has solved the problem, Zalewski said that some remaining gaps, as reported PC World site.
Of the two other vulnerabilities, one would download and run without user interaction files in Firefox, while another only affects IE6, why certain sites could show false addresses in the program's address bar.
Mozilla already said he was aware of the problems, that they were entered in the Foundation's programs bug system. Already Microsoft said it is investigating the case, but so far it has not been notified of any attack.
Source: Indrops
