Home page logo

fulldisclosure logo Full Disclosure mailing list archives

RE: [SA14304] Internet Explorer/Outlook Express Status Bar Spoofing -- A joke ?
From: "bitlance winter" <bitlance_3 () hotmail com>
Date: Sat, 19 Feb 2005 03:06:21 +0000

A joke ? ;-)

Secunia says,
"It is by default possible for script code to manipulate information displayed in the status bar. However, an error allows manipulation of the status bar without using any script code (e.g. in the "Restricted sites" zone)."

It is important that Outlook Express users may especially trust information displayed in
the status bar since HTML documents are viewed in context of the
"Restricted" zone, which has scripting support disabled.


bitlance winter

Express yourself instantly with MSN Messenger! Download today - it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]