The issue, which exists in the latest version of Firefox 18.104.22.168, allows an attacker to create what appears to be a dialog box from a trusted website.
Firefox fails to display characters in the “www-authenticate” header realm value after the last set of double quotes and fails to sanitize single quotes and spaces, making it possible for an attacker to create a specially crafted realm value from a well-known website, according to Raff.
An attacker can target an end-user with a specially crafted webpage with a link to a trusted website, then open the page in a new window, and eventually return the specially crafted authentication response. A fraudster can also embed an image pointing to their own server to return a basic authentication response through an email, RSS feed, forum, blog or social networking page, according to Raff.
A Mozilla representative could not be immediately reached for comment.
Firefox authentication box said to be vulnerable to spoofing for phishing attacks
By Frank Washkuch on Jan 8, 2008 4:07PM