Re: Internet Explorer URL parsing vulnerability
On Wed, Dec 10, 2003 at 12:13:57AM +0000, Pedro Castro wrote:
> >>From: <bugtraq@xxxxxxxxxxxxxxxxx>
> >>To: bugtraq@xxxxxxxxxxxxxxxxx
> >>Subject: Internet Explorer URL parsing vulnerability
> >>
> >>Internet Explorer URL parsing vulnerability
> >>Vendor Notified 09 December, 2003
> >>
> >># Vulnerability ##########
> >>There is a flaw in the way that Internet Explorer displays URLs in
> >>the address bar.
> >>
> >>By opening a specially crafted URL an attacker can open a page that
> >>appears to be from a different domain from the current location.
> >>
> >This exploit also applies to the Macintosh version of Explorer
> >v5.2.3(5815.1)
>
> It does also apply to Mozilla Firebird 0.7.
Not the Linux edition, perhaps only on Windows?
--
Andreas Plesner Jacobsen | Owe no man any thing...
| -- Romans 13:8