Full Disclosure: RE: [SA14304] Internet Explorer/Outlook Express Status Bar Spoofing -- A joke ?

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

RE: [SA14304] Internet Explorer/Outlook Express Status Bar Spoofing -- A joke ?

From: "bitlance winter" <bitlance_3 () hotmail com>
Date: Sat, 19 Feb 2005 03:06:21 +0000

A joke ? ;-)

Secunia says,

"It is by default possible for script code to manipulate informationdisplayed in the status bar. However, an error allows manipulation of thestatus bar without using any script code (e.g. in the "Restricted sites"zone)."

It is important that Outlook Express users may especially trust informationdisplayed in

the status bar since HTML documents are viewed in context of the
"Restricted" zone, which has scripting support disabled.

REGARDS.

--
bitlance winter

_________________________________________________________________

Express yourself instantly with MSN Messenger! Download today - it's FREE!http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

By Date By Thread

Current thread:

[SA14304] Internet Explorer /Outlook Express Status Bar Spoofing -- A joke ? (Modi fié par ZATAZ) Secunia Security Advisories (Feb 19)
- RE: [SA14304] Internet Explorer/Outlook Express Status Bar Spoofing -- A joke ? bitlance winter (Feb 19)