lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: 1 at malware.com (http-equiv@...ite.com ) Subject: Re: New URL spoofing bug in Microsoft Internet Explorer Since we're going the whole nine yards here, let's toss in the following as well: 1. This will of course give a different reading in the status bar 2. More importantly it will bypass the so-called 'popup blocker' in IE XP SP2 It's a hand-made Excel spreadsheet using OWC11 for Office 2003. One might suspect that the older versions will function the same. [screenshot: http://www.malware.com/xcellente.png 5 KB] Perhaps someone with more knowledge can get it to automate: 'foo.ActiveCell.openHyperlink 'foo.Worksheets(1).Hyperlinks(1).Follow Then you're back in the popup business. Raw functional incomplete demo here: [OWC11: switch on your IE popup blocker] http://www.malware.com/xcellent.html -- http://www.malware.com