"Microsoft Internet Explorer isn't the only browser hit by a
spoofing flaw that could be exploited by phishers. But it also
won't be releasing a patch for it anytime soon.
"According to Secunia Research, IE, Mozilla Firefox, Opera and
Apple Safari have a similar 'flaw' related to their use of
JavaScript dialog boxes.
"'The problem is that JavaScript dialog boxes do not display or
include their origin, which allows a new window to open, e.g. a
prompt dialog box, which appears to be from a trusted site,' a
Secunia advisory states..."