Re: [Full-Disclosure] Re: Internet Explorer URL parsing vulnerability
From: petard (petard_at_freeshell.org)
Date: 12/11/03
- Previous message: Jarkko Turkulainen: "RE: [Full-Disclosure] Re: Internet Explorer URL parsing vulnerability"
- In reply to: Funk Jr, Joseph C.: "RE: [Full-Disclosure] Re: Internet Explorer URL parsing vulnerability"
- Next in thread: Schmehl, Paul L: "RE: [Full-Disclosure] Re: Internet Explorer URL parsing vulnerability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "Funk Jr, Joseph C." <jcfunkjr@co.bucks.pa.us> Date: Thu, 11 Dec 2003 16:38:19 +0000
On Thu, Dec 11, 2003 at 10:26:06AM -0500, Funk Jr, Joseph C. wrote:
> Works fine for me same version IE6.0.2800.1106.xpsp2. Sends me to https://paypal.com Although I did notice that the <button> seems to be a requirement for this vulnerability to work, as using a plain hyperlink <a href> fails for me.
>
Try this one:
http://petard.freeshell.org/ms-announce.html
regards,
petard
-- If your message really might be confidential, download my PGP key here: http://petard.freeshell.org/petard.asc and encrypt it. Otherwise, save bandwidth and lose the disclaimer. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: Jarkko Turkulainen: "RE: [Full-Disclosure] Re: Internet Explorer URL parsing vulnerability"
- In reply to: Funk Jr, Joseph C.: "RE: [Full-Disclosure] Re: Internet Explorer URL parsing vulnerability"
- Next in thread: Schmehl, Paul L: "RE: [Full-Disclosure] Re: Internet Explorer URL parsing vulnerability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
