Re: Internet Explorer Phishing mouseover issue

To: bugtraq@xxxxxxxxxxxxxxxxx, gandalf@xxxxxxxxxxx
Subject: Re: Internet Explorer Phishing mouseover issue
From: Paul Szabo <psz@xxxxxxxxxxxxxxxxx>
Date: Sat, 18 Feb 2006 14:34:12 +1100
In-reply-to: <28281822.1140099543347.JavaMail.root@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Ken Hollis (aka Gandalf) wrote:

> Has anybody seen this before?  I know that the mouseover issues ...
> 
> [FORM action=http://malicious/stuff]
> [a href="https://trusted/site";]
> [INPUT ...][/a]

Does not seem to be a mouseover issue, but seems identical to

  Internet Explorer/Outlook Express Restricted Zone Status Bar Spoofing
  http://secunia.com/advisories/11273/

(known, unpatched, since 2004). 

Cheers,

Paul Szabo   psz@xxxxxxxxxxxxxxxxx   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of Sydney    Australia

References:
- Internet Explorer Phishing mouseover issue
  - From: gandalf

Prev by Date: [ MDKSA-2006:043 ] - Updated gnupg packages fix signature file verification vulnerability
Next by Date: Coppermine Photo Gallery <=1.4.3 remote code execution
Previous by thread: Internet Explorer Phishing mouseover issue
Next by thread: Re: Internet Explorer Phishing mouseover issue
Index(es):
- Date
- Thread