Password vulnerability in Firefox 2
The vulnerability is caused due to the Password Manager not properly checking the URL before automatically filling in saved user credentials into forms. This may be exploited to steal user credentials via malicious forms in the same domain.
No patch – workaround is to turn off “Remember passwords for sites”
Once again, myspace is apparently being used to take advantage of the exploit. When the hell are those behind myspace going to get their act together?
http://secunia.com/advisories/23046/
http://news.zdnet.com/2100-1009_22-6137844.html
Proof of concept:
http://www.info-svc.com/news/11-21-2006/rcsr1/
Zdnet says IE7 is vulnerable, but I cannot reproduce this. The Google URL in firefox shows the password:
http://www.google.com/search?q=Chapin+Information+Services&loginuser=sam&loginpass=spade&x=&y=
IE7 does not:
http://www.google.com/search?q=Chapin+Information+Services&loginuser=&loginpass=&x=168&y=47
“Password vulnerability in Firefox 2”