Message-ID: <20040527095333.14251.qmail@www.securityfocus.com>
Date: 27 May 2004 09:53:33 -0000
From: <sandrijeski@...oo.com>
To: bugtraq@...urityfocus.com
Subject: Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability
In-Reply-To: <40A90108.9000301@...czaba.com>
I can't see this as a vulnerability because it's legal code. I do something similar without using an image map for my site to hide the affiliate tracking code.
This is the code:
<a onmouseover="window.status='http://www.the-url-you-see.com';return true"
title="The Link"
onmouseout="window.status='Whatever-you-like-here';return true"
href='http://www.some-other-url.com'>The link</a>
Live example: http://lotdcrew.org/drunkteam_new/page/affiliates.php
------------------------------------------------
>Message-ID: <40A90108.9000301@...czaba.com>
>Date: Mon, 17 May 2004 14:14:32 -0400
>From: Kurczaba Associates advisories <advisories@...czaba.com>
>To: bugtraq@...urityfocus.com
>Subject: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability
>
>Microsoft Internet Explorer ImageMap URL Spoof Vulnerability
>
>http://www.kurczaba.com/securityadvisories/0405132.htm
>-------------------------------------------------------------
>
>Vulnerability ID Number:
>0405132
>
>
>Overview:
>A vulnerability has been found in Microsoft Internet Explorer. A
>specially coded ImageMap can be used to spoof the URL displayed in the
>lower, left hand corner of the browser.
>
>
>Vendor:
>Microsoft (http://www.microsoft.com)
>
>
>Affected Systems/Configuration:
>The versions affected by this vulnerability are Microsoft Internet
>Explorer 5 and 6.
>
>
>Vulnerability/Exploit:
>An ImageMap can be used to spoof the URL displayed in the lower, left
>hand of the browser. View the "Proof of Concept" example for details.
>
>
>Workaround:
>None so far.
>
>
>Proof of Concept:
>http://www.kurczaba.com/securityadvisories/0405132poc.htm
>
>
>Date Discovered:
>May 13, 2004
>
>
>Severity:
>High
>
>
>Credit:
>Paul Kurczaba
>Kurczaba Associates
>http://www.kurczaba.com/
>
>
>
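Added example, not part of the original post or the quoted advisory: a checker a site owner or mail filter could run over HTML to flag links whose status bar text names a different host than the real href, as in the markup posted above. The function names and the sample input are constructed for illustration; it also inspects <area> tags, but it does not model the advisory's proof of concept, which is not shown on this page.

```python
# Added example: flag links whose window.status text names another host than href.
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# window.status = '...' or "..."; the closing quote is optional so that
# handlers with a missing quote are still inspected.
STATUS_RE = re.compile(r"""window\.status\s*=\s*(['"])(.*?)(?:\1|$)""", re.I | re.S)
URL_RE = re.compile(r"""https?://[^\s'";]+""", re.I)

def host(url):
    """Lower-cased host name of a URL, or '' if there is none."""
    return (urlparse(url).hostname or "").lower()

class StatusSpoofFinder(HTMLParser):
    """Collects (href, shown_url) pairs where the two hosts differ."""
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag not in ("a", "area"):  # plain links and image-map regions
            return
        a = {k: (v or "") for k, v in attrs}
        href = a.get("href", "")
        for event in ("onmouseover", "onmousemove", "onfocus"):
            m = STATUS_RE.search(a.get(event, ""))
            for shown in URL_RE.findall(m.group(2) if m else ""):
                if host(shown) != host(href):
                    self.findings.append((href, shown))

def find_status_spoofs(html):
    """Return every (href, shown_url) mismatch found in an HTML string."""
    parser = StatusSpoofFinder()
    parser.feed(html)
    parser.close()
    return parser.findings

# Constructed sample: the markup from the post plus one honest link.
SAMPLE = """
<a onmouseover="window.status='http://www.the-url-you-see.com';return true"
   title="The Link"
   onmouseout="window.status='Whatever-you-like-here';return true"
   href='http://www.some-other-url.com'>The link</a>
<a onmouseover="window.status='http://example.org/help';return true"
   href="http://example.org/help?id=7">Help</a>
"""

if __name__ == "__main__":
    for href, shown in find_status_spoofs(SAMPLE):
        print(f"status bar shows {shown} but link goes to {href}")
```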