February 8, 2005 – (HOSTSEARCH.COM) – Secunia has reported that the Mozilla Firefox browser vulnerable to phishing attacks. The problem stems from an IDN implementation problem which would allow a malicious site to spoof the URL displayed in the address bar, SSL certificate, and status bar.
Secunia offers a
test on their site that will take a vulnerable browser to a demonstration page where the URL shows as being www.paypal.com although it is still within the Secunia website.
Until there is a patch for the flaw Secunia warns users to type in the URLs of sites they wish to visit manually and not to click on links of sites they do not fully trust.
