Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: New URL spoofing bug in Microsoft Internet Explorer
From: "http-equiv () excite com " <1 () malware com>
Date: Thu, 11 Nov 2004 21:24:19 -0000

Since we're going the whole nine yards here, let's toss in the following 
as well:

1. This will of course give a different reading in the status bar
2. More importantly it will bypass the so-called 'popup blocker' in IE XP 

It's a hand-made Excel spreadsheet using OWC11 for Office 2003. One might 
suspect that the older versions will function the same.

[screenshot: http://www.malware.com/xcellente.png 5 KB]

Perhaps someone with more knowledge can get it to automate:


Then you're back in the popup business.

Raw functional incomplete demo here:
[OWC11: switch on your IE popup blocker]



Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
  • Re: New URL spoofing bug in Microsoft Internet Explorer http-equiv () excite com (Nov 12)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]