[37145] in bugtraq

home help back first fref pref prev next nref lref last post

Re: New URL spoofing bug in Microsoft Internet Explorer

daemon@ATHENA.MIT.EDU (GuidoZ)
Fri Oct 29 18:46:37 2004

Message-ID: <b7bc1b1f041029122057d9d38e@mail.gmail.com>
Date: Fri, 29 Oct 2004 15:20:21 -0400
From: GuidoZ <uberguidoz@gmail.com>
Reply-To: GuidoZ <uberguidoz@gmail.com>
To: Larry Seltzer <larry@larryseltzer.com>
Cc: 0-1-2-3@gmx.de, bugtraq@securityfocus.com
In-Reply-To: <20041029015738.31563.qmail@mail.securityfocus.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Same version I tested, Larry. (Same results too, for the most part.)
Try looking at my page for another example (as I stated in my previous
emails), as well as a way it might "work" in a sense:
 - http://www.guidoz.com/btstatusurl.html

FYI: It seems my emails from 10/28 may have not made it to the list
yet (?). They are included.

--
Peace. ~G


On Thu, 28 Oct 2004 22:14:28 -0400, Larry Seltzer
<larry@larryseltzer.com> wrote:
> Windows XP SP2 (IE 6.0.2900.2180.xpsp_sp2_rtm.040803-2158)
> Has no problem - the status bar says Google and the click goes to Google
> 
> Larry Seltzer
> eWEEK.com Security Center Editor
> http://security.eweek.com/
> http://blog.ziffdavis.com/seltzer
> larryseltzer@ziffdavis.com 
> 
> 
> -----Original Message-----
> From: 0-1-2-3@gmx.de [mailto:0-1-2-3@gmx.de]
> Sent: Thursday, October 28, 2004 5:38 PM
> To: bugtraq@securityfocus.com
> Subject: New URL spoofing bug in Microsoft Internet Explorer
> 
> New URL spoofing bug in Microsoft Internet Explorer
> 
> There is a security bug in Internet Explorer 6.0.2800.1106 (fully
> patched), which allowes to show any faked target-address in the status
> bar of the window.
> 
> The example below will display a faked URL ("http://www.microsoft.com/")
> in the status bar of the window, if you move your mouse over the link.
> Click on the link and IE will go to "http://www.google.com/" and NOT to
> "http://www.microsoft.com/" .
> 
> <a href="http://www.microsoft.com/"><table><tr><td><a
> href="http://www.google.com/">Click here</td></tr></table></a>
> 
> Description: Microsoft Internet Explorer can't handle links surrounded
> by a table and an other link correct.
> 
> The bug can be exploited using HTML mail message too.
> 
> Affected software: Microsoft Internet Explorer, Microsoft Outlook
> Express, ...
> 
> Workaround: Don't click on non-trusted links. Or right-click on links to
> see the real target. Or use Copy-and-Paste.
> 
> Regards,
> Benjamin Tobias Franz
> Germany
> 
>
home help back first fref pref prev next nref lref last post