RE: Forward:FullDisclosure/IE - Possible Address Spoofing

From: Chenghuai Lu (luchenghuai_at_yahoo.com)
Date: 07/28/04

    Date: Wed, 28 Jul 2004 07:19:35 -0700 (PDT)
    To: Michael Silk <michaels@phg.com.au>, bugtraq@securityfocus.com
    
    

    Could this be related to web caching or something? I use
    google as my default homepage in IE and I access
    internet through a web proxy.

    --- Michael Silk <michaels@phg.com.au> wrote:

    > Hello,
    >
    > Without knowing, it may treat some sites
    > differently due to the time it physically
    > takes to download the data.
    >
    > -- Michael
    >
    > -----Original Message-----
    > From: Chenghuai Lu [mailto:luchenghuai@yahoo.com]
    > Sent: Tuesday, 27 July 2004 1:00 AM
    > To: bugtraq@securityfocus.com
    > Subject: RE: Forward:FullDisclosure/IE - Possible Address Spoofing
    >
    >
    > I played the exploit using IE5 and IE6. I observed
    > some strange behaviors. Under IE5 no sp when I click
    > the link, the IE will open the urls specified in the
    > href, i.e., microsoft, google and slatdot first. Then,
    > the IE will redirect the window to the url specified
    > in onunload. Under IE6 sp1, the IE will directly open
    > the url specified in onunload. But for the specific
    > example of google.com, the IE copies the content of
    > google page and opens it in the local domain. The
    > screenshots are attached in the email. Two questions:
    >
    > 1. Why does IE6 treat Microsoft.com, slatdot.com and
    > google.com differently?
    > 2. Does this mean that, google can execute code with
    > local privilege in my computer?
    >
    > -----
    > SUBJ: FullDisclosure: multiple web browsers, multiple bugs - onUnload and location.href
    > FROM: Rudolf Polzer (divzero_at_gmail.com)
    > URL : http://seclists.org/lists/fulldisclosure/2004/Jul/1001.html
    > DEMO: http://www.informatik.uni-frankfurt.de/~polzer/rbiclan/location
    > -----
    >
    > after i clicked "Google" on the page, address field of
    > IE was faked - on ie6.sp1.up2date running on
    > winxp.home.en.up2date
    >
    > just got it at iebug.com today.
    >
    > liudieyu
    > liudieyu AT umbrella D0T name

                    