<<< Date Index >>>     <<< Thread Index >>>

Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability



In-Reply-To: <40A90108.9000301@xxxxxxxxxxxx>

I can't see this as vulnerability because its legal code I do something similar 
without using image map for my site to hide the affiliate tracking code.
This is the code:
<a onmouseover="window.status='http://www.the-url-you-see.com;return true" 
title="The Link"
onmouseout="window.status='Whatever-you-like-here';return true"
href='http://www.some-other-url.com'>The link</a>

living example: http://lotdcrew.org/drunkteam_new/page/affiliates.php
------------------------------------------------
>Received: (qmail 26354 invoked from network); 17 May 2004 18:17:56 -0000
>Received: from outgoing.securityfocus.com (HELO outgoing3.securityfocus.com) 
>(205.206.231.27)
>  by mail.securityfocus.com with SMTP; 17 May 2004 18:17:56 -0000
>Received: from lists2.securityfocus.com (lists2.securityfocus.com 
>[205.206.231.20])
>       by outgoing3.securityfocus.com (Postfix) with QMQP
>       id B52342371D4; Mon, 17 May 2004 20:13:15 -0600 (MDT)
>Mailing-List: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
>Precedence: bulk
>List-Id: <bugtraq.list-id.securityfocus.com>
>List-Post: <mailto:bugtraq@xxxxxxxxxxxxxxxxx>
>List-Help: <mailto:bugtraq-help@xxxxxxxxxxxxxxxxx>
>List-Unsubscribe: <mailto:bugtraq-unsubscribe@xxxxxxxxxxxxxxxxx>
>List-Subscribe: <mailto:bugtraq-subscribe@xxxxxxxxxxxxxxxxx>
>Delivered-To: mailing list bugtraq@xxxxxxxxxxxxxxxxx
>Delivered-To: moderator for bugtraq@xxxxxxxxxxxxxxxxx
>Received: (qmail 11770 invoked from network); 17 May 2004 12:00:16 -0000
>Message-ID: <40A90108.9000301@xxxxxxxxxxxx>
>Date: Mon, 17 May 2004 14:14:32 -0400
>From: Kurczaba Associates advisories <advisories@xxxxxxxxxxxx>
>User-Agent: Mozilla Thunderbird 0.6 (Windows/20040502)
>X-Accept-Language: en-us, en
>MIME-Version: 1.0
>To: bugtraq@xxxxxxxxxxxxxxxxx
>Subject: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability
>Content-Type: text/plain; charset=us-ascii; format=flowed
>Content-Transfer-Encoding: 7bit
>
>Microsoft Internet Explorer ImageMap URL Spoof Vulnerability
>
>http://www.kurczaba.com/securityadvisories/0405132.htm
>-------------------------------------------------------------
>
>Vulnerability ID Number:
>0405132
>
>
>Overview:
>A vulnerability has been found in Microsoft Internet Explorer. A 
>specially coded ImageMap can be used to spoof the URL displayed in the 
>lower, left hand corner of the browser.
>
>
>Vendor:
>Microsoft (http://www.microsoft.com)
>
>
>Affected Systems/Configuration:
>The versions affected by this vulnerability are Microsoft Internet 
>Explorer 5 and 6.
>
>
>Vulnerability/Exploit:
>An ImageMap can be used to spoof the URL displayed in the lower, left 
>hand of the browser. View the "Proof of Concept" example for details.
>
>
>Workaround:
>None so far.
>
>
>Proof of Concept:
>http://www.kurczaba.com/securityadvisories/0405132poc.htm
>
>
>Date Discovered:
>May 13, 2004
>
>
>Severity:
>High
>
>
>Credit:
>Paul Kurczaba
>Kurczaba Associates
>http://www.kurczaba.com/
>
>
>