5,227,324
User tracking across domains, processes (in some cases) and windows/tabs is
demonstrated by exploiting several vulnerabilities in major browsers (Microsoft Internet Explorer, Mozilla Firefox, Apple Safari, and to a limited extent Google Chrome). Additionally, new cross-domain information leakage, and cross domain attacks are described, which provide a foundation for attacks such as “in session phishing”.
According to Opera’s security team, Opera is vulnerable as well, but it was not researched by the author.
Amit Klein
September-November 2008