Forward:FullDisclosure/IE - Possible Address Spoofing

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Forward:FullDisclosure/IE - Possible Address Spoofing
From: Liu Die Yu <liudieyu@xxxxxxxxxxxxx>
Date: Fri, 23 Jul 2004 08:36:40 +0800
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040616

-----

SUBJ: FullDisclosure: multiple web browsers, multiple bugs - onUnloadand location.href

FROM: Rudolf Polzer (divzero_at_gmail.com)
URL : http://seclists.org/lists/fulldisclosure/2004/Jul/1001.html
DEMO: http://www.informatik.uni-frankfurt.de/~polzer/rbiclan/location
-----

after i clicked "Google" on the page, address field of IE was faked - onie6.sp1.up2date running on winxp.home.en.up2date


just got it at iebug.com today.

liudieyu
liudieyu AT umbrella D0T name

Prev by Date: FW: [Full-Disclosure] Progress and Challenges
Next by Date: eSafe: Could this be exploited?
Previous by thread: FW: [Full-Disclosure] Progress and Challenges
Next by thread: RE: Forward:FullDisclosure/IE - Possible Address Spoofing
Index(es):
- Date
- Thread