Re: Internet Explorer URL parsing vulnerability
From: Andreas Plesner Jacobsen (apj_at_mutt.dk)
Date: 12/10/03
- Previous message: Lance James: "RE: Internet Explorer URL parsing vulnerability"
- In reply to: Pedro Castro: "Re: Internet Explorer URL parsing vulnerability"
- Next in thread: Charles Richmond: "Re: Internet Explorer URL parsing vulnerability"
- Reply: Charles Richmond: "Re: Internet Explorer URL parsing vulnerability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 10 Dec 2003 20:26:22 +0100 To: bugtraq@securityfocus.com
On Wed, Dec 10, 2003 at 12:13:57AM +0000, Pedro Castro wrote:
> >>From: <bugtraq@zapthedingbat.com>
> >>To: bugtraq@securityfocus.com
> >>Subject: Internet Explorer URL parsing vulnerability
> >>
> >>Internet Explorer URL parsing vulnerability
> >>Vendor Notified 09 December, 2003
> >>
> >># Vulnerability ##########
> >>There is a flaw in the way that Internet Explorer displays URLs in
> >>the address bar.
> >>
> >>By opening a specially crafted URL an attacker can open a page that
> >>appears to be from a different domain from the current location.
> >>
> >This exploit also applies to the Macintosh version of Explorer
> >v5.2.3(5815.1)
>
> It does also apply to Mozilla Firebird 0.7.
Not the Linux edition, perhaps only on Windows?
--
Andreas Plesner Jacobsen | Owe no man any thing...
| -- Romans 13:8
- Previous message: Lance James: "RE: Internet Explorer URL parsing vulnerability"
- In reply to: Pedro Castro: "Re: Internet Explorer URL parsing vulnerability"
- Next in thread: Charles Richmond: "Re: Internet Explorer URL parsing vulnerability"
- Reply: Charles Richmond: "Re: Internet Explorer URL parsing vulnerability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
