Re: IE URL obfuscation

From: Martin Christopher (martin.christopher_at_UK.EASYNET.NET)
Date: 12/10/03

  • Next message: Tom Geairn: "Re: SUS Activity Last night"
    Date:         Wed, 10 Dec 2003 15:08:10 -0000
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    This appears to be another case of 'Vanilla' IE implementations being
    vulnerable to the 'ploit, but browsers with extensions / additions being
    immune.

    I am running the SlimBrowser enhancements for IE and it showed the url up
    as:
    http://www.microsoft.com @zapthedingbat.com/security/ex01/vun2.htm (exactly
    as shown)

    I would hypothesize that the results of this test are related to the
    character sets installed on your machine / browser.

    Martin Christopher
    Microsoft Systems
    Easynet Ltd

    */ The clock it ticking
       and from now on we are keeping score /*

    ----
    NTBugtraq subscribers save $103.00 off the TICSA exam by using promo
    code "NT1003" when registering to take the TICSA exam at www.2test.com.
    Prove to your employer and peers that you have the knowledge and
    abilities to be an active stakeholder in today's enterprise security.
    Become TICSA certified www.trusecure.com/ticsa.  Promotion expires
    12/31/03 and cannot be used in combination with other offers.
    ----
    

  • Next message: Tom Geairn: "Re: SUS Activity Last night"