Re: Internet Explorer URL parsing vulnerability (Yes, Mozilla too.)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

> MacOSX 10.2.28 	Mozilla Firebird 0.6		NOT vulnerability
> MacOSX 10.2.28 	Mozilla Firebird 0.7.1 		NOT vulnerability
> MacOSX 10.2.28 	IE 5.2.2 (5010.1)			NOT vulnerability
> MacOSX 10.2.28 	IE 5.2.3 (5815.1)			NOT vulnerability

Mozilla 1.5 is vulnerable on Linux, but not to %01  (In fact, I could not get
it to work with %01 on IE 6.0.2800.1106

If you use %00, it works the same.

http://www.microsoft.com%00@www.securityfocus.com

Mozilla 1.5 (Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.5) Gecko/20031007)

Mouse over will only show www.microsoft.com.

Not that this is a huge deal
[Index of Archives]     [Linux Security]     [Netfilter]     [PHP]     [Yosemite News]     [Linux Kernel]

  Powered by Linux