FW: MSIE Vulnerability Advisory : MSIE - New Site Spoofing - NullyFake

From: Zeevi, Dan (ZEEVID_at_CONED.COM)
Date: 08/16/04

  • Next message: Russ Cooper: "NTBugtraq's Microsoft Windows XP SP2 Survey" 
    Date:         Mon, 16 Aug 2004 10:03:48 -0400
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

    I think that XP SP2's default popup blocking setting blocked the
    redirection/popup that your page was trying to execute. I was informed
    that a popup was trying to execute and offered the chance to override
    the default. I saw three error messages from your site.

    Dan Zeevi

    -----Original Message-----
    From: Liu Die Yu [mailto:liudieyu@UMBRELLA.NAME]
    Sent: Sunday, August 15, 2004 7:08 PM
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    Subject: MSIE Vulnerability Advisory : MSIE - New Site Spoofing -
    NullyFake

    SUBJ: NullyFake - Site Spoofing in MSIE
    FROM: Liu Die Yu <liudieyu AT umbrella D0T name>

    [demo]
    http://umbrella.name/originalvuln/msie/NullyFake/test.htm

    [tested]
    ie6.zhcn.sp1.up2date running on winxp.pro.zhcn.up2date : 2004/08/15
    ie6.en.sp1.up2date running on winxp.pro.en.up2date : 2004/08/15
    (xpsp2 does not appear at windows update website, so my computers with
    copyright winxp don't have it installed)

    [exp]
    just fake the location field - just useful for cheating people to input
    some stuff

    -----
    NTBugtraq Editor's Note:

    Want to reply to the person who sent this message? This list is configured such that just hitting reply is going to result in the message coming to the list, not to the individual who sent the message. This was done to help reduce the number of Out of Office messages posters received. So if you want to send a reply just to the poster, you'll have to copy their email address out of the message and place it in your TO: field.
    -----

  • Next message: Russ Cooper: "NTBugtraq's Microsoft Windows XP SP2 Survey"

    Relevant Pages

    • Re: How Malicious Hackers Trap You
      ... >>However, given an interpreting program, such as MSIE, an img can appear ... summink and rely on poor file handling to execute it. ... "Without knowledge you have fear. ... "He who controls Google, controls the world". ...
      (alt.computer.security)
    • Re: How Malicious Hackers Trap You
      ... you can hide anything in a picture including an executable. ... >> However the trick would be to get it to execute. ... >execute code as MSIE looks at the file contents and ignores the file extension, ...
      (alt.computer.security)