Multiple browsers frame injection test

Hi saw a post regarding this:

=======================================================

http://secunia.com/advisories/11978/

Test is in page above or straight to test here:

http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/

IE is susceptible, however, SP2 cures it automatically, and it *can* be fixed provided the "Allow Sub-frames to Navigate Across Different Domains" in Tools/Internet Options/Security and different zones set to either Prompt or Disable.

I tested using FF0.9.1 nothing happened.

Used IE [already had that set to prompt], got the prompt, said NO, and nothing happened.

Tried it again, said YES and part of the "test page" then appeared inside the original Microsoft test page that opened. Scary stuff if you use a web page like banking, and had it set to Allow without *any* notification.

If your browser fails, what happens is part of the Secunia page is transferred to the Microsoft test page.

TAS

 

Phew, luckily my firefox 0.9.1 is not vulnerable. I prefer using firefox than IE.

 

IE failed with flying colors. Go Microsoft!!!

Funny after this was known Opera immediatlely released a patch for it... where is our patch Microsoft?

 

Mozilla 1.7 no probs.

 

Firefox 0.9.1 passes it. Nothing happens at all.

Go Mozilla!