Re: Internet Explorer URL parsing vulnerability

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

IE 6.0.2800.1106.xpsp2.030422-1633 with all the latest updates (SP1; Q822925; Q330994; Q828750; Q824145) is vulnerable. Works like a charm.

-Eric "MightyE" Stevens
http://lotgd.net

soulshok@hippie.dk wrote:

In-Reply-To: <20031209144416.31613.qmail@sf-www2-symnsj.securityfocus.com>



# Exploit ##########
By opening a window using the http://user@domain nomenclature an attacker can hide the real location of the page by including a 0x01 character after the "@" character.
Internet Explorer doesn't display the rest of the URL making the page appear to be at a different domain.

...


# Tested ##########
Internet Explorer
Version 6.0.2800.1106C0
Updates: SP1, Q810847, Q810351, Q822925, Q330994, Q828750, Q824145



Internet Explorer 5.00.3700.1000 (SP4, Q824145) doesn't seem to be vunlerable to this.



[Index of Archives]     [Linux Security]     [Netfilter]     [PHP]     [Yosemite News]     [Linux Kernel]

  Powered by Linux