Re: New URL spoofing bug in Microsoft Internet Explorer

From: http-equiv_at_excite.com (http-equiv_at_excite.com)
Date: 11/11/04

  • Next message: Sune Kloppenborg Jeppesen: "[ GLSA 200411-22 ] Davfs2, lvm-user: Insecure tempfile handling"
    To: <bugtraq@securityfocus.com>
    Date: Thu, 11 Nov 2004 21:15:12 -0000
    
    

    Since we're going the whole nine yards here, let's toss in the following
    as well:

    1. This will of course give a different reading in the status bar
    2. More importantly it will bypass the so-called 'popup blocker' in IE XP
    SP2

    It's a hand-made Excel spreadsheet using OWC11 for Office 2003. One might
    suspect that the older versions will function the same.

    [screenshot: http://www.malware.com/xcellente.png 5 KB]

    Perhaps someone with more knowledge can get it to automate:

    'foo.ActiveCell.openHyperlink
    'foo.Worksheets(1).Hyperlinks(1).Follow

    Then you're back in the popup business.

    Raw functional incomplete demo here:
    [OWC11: switch on your IE popup blocker]

    http://www.malware.com/xcellent.html

    -- 
    http://www.malware.com
    

  • Next message: Sune Kloppenborg Jeppesen: "[ GLSA 200411-22 ] Davfs2, lvm-user: Insecure tempfile handling"