bugtraq - Forward:FullDisclosure/IE - Possible Address Spoofing

lists.openwall.net		lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC
Open Source and information security mailing list archives

Hash Suite: Windows password security audit tool. GUI, reports in PDF.

[<prev] [next>] [day] [month] [year] [list]

Date: Fri, 23 Jul 2004 08:36:40 +0800
From: Liu Die Yu <liudieyu@...rella.name>
To: bugtraq@...urityfocus.com
Subject: Forward:FullDisclosure/IE - Possible Address Spoofing


-----
SUBJ: FullDisclosure: multiple web browsers, multiple bugs - onUnload 
and location.href
FROM: Rudolf Polzer (divzero_at_gmail.com)
URL : http://seclists.org/lists/fulldisclosure/2004/Jul/1001.html
DEMO: http://www.informatik.uni-frankfurt.de/~polzer/rbiclan/location
-----

after i clicked "Google" on the page, address field of IE was faked - on 
ie6.sp1.up2date running on winxp.home.en.up2date

just got it at iebug.com today.

liudieyu
liudieyu AT umbrella D0T name