The vulnerability is found in all popular browsers

13th June 2006

Immediately several companies, which specialize in questions of computer safety, reported the detection of vulnerability in all extended browsers. The hole, with which deals the discussion, as notes Techweb, theoretically makes it possible for criminals to obtain the unsanctioned access to confidential user data, for example, information about bank accounts or passwords. Problem is connected with function JavaScript "OnKeyDown" and provides the possibility of the interception of the symbols,entered by user from the keyboard into the form on the Web page. According to the information of Danish company Secunia, the breach is present in browsers Internet Explorer of version 6.x or earlier modifications, Firefox versions 1.x, Netscape 8.x or earlier modifications, Mozilla versions up to 1.7.x and packet SeaMonkey 1.x and below. Situation deteriorates even and by the fact that the problem does not depend on the operating system utilized on the computer - attack can be realized to the machines, which work under control of Windows, Linux and Mac OS X. Patch for the hole at present does not exist. However, it is necessary to note that to organize attack on the computer through this breach is possible only with the condition of fulfilling the specific actions by potential victim. Therefore company Secunia described the breach of slightly hazardous.