Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: Internet Explorer URL parsing vulnerability
From: Andreas Plesner Jacobsen <apj () mutt dk>
Date: Wed, 10 Dec 2003 20:26:22 +0100
On Wed, Dec 10, 2003 at 12:13:57AM +0000, Pedro Castro wrote:

From: <bugtraq () zapthedingbat com>
To: bugtraq () securityfocus com
Subject: Internet Explorer URL parsing vulnerability

Internet Explorer URL parsing vulnerability
Vendor Notified 09 December, 2003

# Vulnerability ##########
There is a flaw in the way that Internet Explorer displays URLs in 
the address bar.

By opening a specially crafted URL an attacker can open a page that 
appears to be from a different domain from the current location.


This exploit also applies to the Macintosh version of Explorer 
v5.2.3(5815.1)


It does also apply to Mozilla Firebird 0.7.


Not the Linux edition, perhaps only on Windows?

-- 
Andreas Plesner Jacobsen | Owe no man any thing...
                         |              -- Romans 13:8

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]