lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 10 Dec 2003 00:13:57 +0000 From: Pedro Castro <noupy@...l.telepac.pt> To: bugtraq@...urityfocus.com Subject: Re: Internet Explorer URL parsing vulnerability It does also apply to Mozilla Firebird 0.7. John W. Noerenberg II wrote: > This exploit also applies to the Macintosh version of Explorer > v5.2.3(5815.1) > >> From: <bugtraq@...thedingbat.com> >> To: bugtraq@...urityfocus.com >> Subject: Internet Explorer URL parsing vulnerability >> >> >> >> Internet Explorer URL parsing vulnerability >> Vendor Notified 09 December, 2003 >> >> # Vulnerability ########## >> There is a flaw in the way that Internet Explorer displays URLs in >> the address bar. >> >> By opening a specially crafted URL an attacker can open a page that >> appears to be from a different domain from the current location. >> >> # Exploit ########## >> By opening a window using the http://user@...ain nomenclature an >> attacker can hide the real location of the page by including a 0x01 >> character after the "@" character. >> Internet Explorer doesn't display the rest of the URL making the page >> appear to be at a different domain. >> >> # POC ########## >> http://www.zapthedingbat.com/security/ex01/vun1.htm >> >> # Tested ########## >> Internet Explorer >> Version 6.0.2800.1106C0 >> Updates: SP1, Q810847, Q810351, Q822925, Q330994, Q828750, Q824145 >> >> # Credit ########## >> Zap The Dingbat >> http://www.zapthedingbat.com/ > >
Powered by blists - more mailing lists