[23624] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

RE: Internet Explorer Document.Open() Without Close() Cookie Stea

daemon@ATHENA.MIT.EDU (CDE Francis)
Wed Dec 26 19:32:09 2001

Date: Wed, 26 Dec 2001 09:48:05 -0500
From: CDE Francis <fuy@jhu.edu>
In-reply-to: <2D099894EB2F6746A44DD06C44F6D5E7243339@irja-exch2.tpra.fmi.com>
To: osioniusx@yahoo.com
Cc: bugtraq@securityfocus.com
Message-id: <a05100303b84f93419544@[128.220.149.173]>
MIME-version: 1.0
Content-type: text/plain; charset=us-ascii; format=flowed

>  > From: the Pull [mailto:osioniusx@yahoo.com]
>  >
>  > Exploits: http://www.osioniusx.com
>  > "cookieStealing.html" - This opens Yahoo.com and
>>  steals the cookie.
>>  "FileReading.html" - This opens up C:\test.txt and
>>  then reads it.
>  > "SiteSpoofing.html" - This spoofs www.chase.com  --

None of the exploits at osioniusx.com work on IE 5.x for MacOS.

-- 
Francis Uy, Web Coordinator http://www.cty.jhu.edu/cde/ 410-516-0162


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[23624] in bugtraq

RE: Internet Explorer Document.Open() Without Close() Cookie Stea

daemon@ATHENA.MIT.EDU (CDE Francis)Wed Dec 26 19:32:09 2001

daemon@ATHENA.MIT.EDU (CDE Francis)
Wed Dec 26 19:32:09 2001