| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 09 Dec 2003 14:34:34 -0500 From: "Eric \"MightyE\" Stevens" <trash@...htye.org> To: bugtraq@...urityfocus.com Cc: soulshok@...pie.dk Subject: Re: Internet Explorer URL parsing vulnerability IE 6.0.2800.1106.xpsp2.030422-1633 with all the latest updates (SP1; Q822925; Q330994; Q828750; Q824145) is vulnerable. Works like a charm. -Eric "MightyE" Stevens http://lotgd.net soulshok@...pie.dk wrote: >In-Reply-To: <20031209144416.31613.qmail@...www2-symnsj.securityfocus.com> > > > >># Exploit ########## >>By opening a window using the http://user@...ain nomenclature an attacker can hide the real location of the page by including a 0x01 character after the "@" character. >>Internet Explorer doesn't display the rest of the URL making the page appear to be at a different domain. >> >> >... > > >># Tested ########## >>Internet Explorer >>Version 6.0.2800.1106C0 >>Updates: SP1, Q810847, Q810351, Q822925, Q330994, Q828750, Q824145 >> >> >> >Internet Explorer 5.00.3700.1000 (SP4, Q824145) doesn't seem to be vunlerable to this. > > >
Powered by blists - more mailing lists