| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu May 19 14:49:20 2005 From: Steveb at tshore.com (Steve Bostedor) Subject: RE: Security issue in Microsoft Outlook Doesn't seem to be a problem in Outlook 2003. I made one for http://www.vncscan.com and then followed your instructions to change it to www.hackme.com and it still went to hackme.com. - Steve Bostedor http://www.vncscan.com The Real VNC Manager > -----Original Message----- > From: Bakchodiya [mailto:bakchodiya@...oo.com] > Sent: Wednesday, May 18, 2005 4:28 PM > To: bugtraq@...urityfocus.com > Cc: full-disclosure@...ts.grok.org.uk > Subject: Security issue in Microsoft Outlook > > An issue has been discovered in MS Outlook (All > Versions) where anyone can fake a URL & send it across. > > How does it work: > > Lets compose an email in MS Outlook, lets type > > > http://www.cybertrion.com & put a space after it to make it a > link. Now put your cursor just before cybertrion & type any > URL for eg: > http://www.foo-labs.info now send it to anyone. The receiver > will see the URL as http://www.foo-labs.info but when he > clicks on it it will directly take him to http://www.cybertrion.com > > I am not sure how critical this is but it can fool alot of > people & result in download of a virus. > > For more details and Discovered by: > Cybertrion Systems, > http://www.cybertrion.com > > > > __________________________________ > Do you Yahoo!? > Yahoo! Mail - Find what you need with new enhanced search. > http://info.mail.yahoo.com/mail_250 >
Powered by blists - more mailing lists