Simply put, this newly discovered vulnerability enables malicious web sites to hi-jack any named browser window (including „popups“) and replace the content with their own. An example of how it works:
A malicious web site is open in one browser window. Now, you open some trusted web site in a new window. When the trusted web site opens a popup window, the malicious web site hi-jacks it and displays content of their own (perhaps a silent installer of some sort). The possibilities are countless. The solution is quite simple, however; don’t browse untrusted sites at the same time as trusted ones. 
Visit Secunia’s site for the original report.
Þessi færsla hefur verið lesin 608 sinnum