"Microsoft Internet Explorer isn't the only browser hit by a spoofing flaw that could be exploited by phishers. But it also won't be releasing a patch for it anytime soon.
"According to Secunia Research, IE, Mozilla Firefox, Opera and Apple Safari have a similar 'flaw' related to their use of JavaScript dialog boxes.
"'The problem is that JavaScript dialog boxes do not display or include their origin, which allows a new window to open, e.g. a prompt dialog box, which appears to be from a trusted site,' a Secunia advisory states..."