[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <200602180334.k1I3YC0q029543@pisa.maths.usyd.edu.au>
Date: Sat, 18 Feb 2006 14:34:12 +1100
From: Paul Szabo <psz@...hs.usyd.edu.au>
To: bugtraq@...urityfocus.com, gandalf@...ital.net
Subject: Re: Internet Explorer Phishing mouseover issue
Ken Hollis (aka Gandalf) wrote:
> Has anybody seen this before? I know that the mouseover issues ...
>
> [FORM action=http://malicious/stuff]
> [a href="https://trusted/site"]
> [INPUT ...][/a]
Does not seem to be a mouseover issue, but seems identical to
Internet Explorer/Outlook Express Restricted Zone Status Bar Spoofing
http://secunia.com/advisories/11273/
(known, unpatched, since 2004).
Cheers,
Paul Szabo psz@...hs.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics University of Sydney Australia
Powered by blists - more mailing lists