[Full-disclosure] New (19.10.05) MS-IE Url Spoofing bug (by K-Gen).
Billy Rios
billy.rios at gmail.com
Fri Oct 21 20:52:26 BST 2005
Interesting.... I'm curious as to what kind of validation is used on the
"onClick=" parameter when it's used in an HREF tag.
On a side note, I recently came across something similar to the
nicesite at evilsite.com phishing trick. The url below demonstrates the
vulnerability:
http://any-site-here.com+www.seclists.org
As you can see... the URL above will direct the user to
seclists.org<http://seclists.org>.
I'm guessing this has more to do with the way DNS handles the request as
opposed to browser vulnerabilities. It could be used for phishing attacks
though.....
BK
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20051021/a8bdb155/attachment.html
Full-Disclosure is hosted and sponsored by Secunia.