<<< Date Index >>>     <<< Thread Index >>>

Re: Internet Explorer Phishing mouseover issue



Ken Hollis (aka Gandalf) wrote:

> Has anybody seen this before?  I know that the mouseover issues ...
> 
> [FORM action=http://malicious/stuff]
> [a href="https://trusted/site";]
> [INPUT ...][/a]

Does not seem to be a mouseover issue, but seems identical to

  Internet Explorer/Outlook Express Restricted Zone Status Bar Spoofing
  http://secunia.com/advisories/11273/

(known, unpatched, since 2004). 

Cheers,

Paul Szabo   psz@xxxxxxxxxxxxxxxxx   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of Sydney    Australia