Bugtraq mailing list archives
Microsoft Internet Explorer ImageMap URL Spoof Vulnerability
From: Kurczaba Associates advisories <advisories () kurczaba com>
Date: Mon, 17 May 2004 14:14:32 -0400
Microsoft Internet Explorer ImageMap URL Spoof Vulnerability http://www.kurczaba.com/securityadvisories/0405132.htm ------------------------------------------------------------- Vulnerability ID Number: 0405132 Overview:A vulnerability has been found in Microsoft Internet Explorer. A specially coded ImageMap can be used to spoof the URL displayed in the lower, left hand corner of the browser.
Vendor: Microsoft (http://www.microsoft.com) Affected Systems/Configuration:The versions affected by this vulnerability are Microsoft Internet Explorer 5 and 6.
Vulnerability/Exploit:An ImageMap can be used to spoof the URL displayed in the lower, left hand of the browser. View the "Proof of Concept" example for details.
Workaround: None so far. Proof of Concept: http://www.kurczaba.com/securityadvisories/0405132poc.htm Date Discovered: May 13, 2004 Severity: High Credit: Paul Kurczaba Kurczaba Associates http://www.kurczaba.com/
Current thread:
- Microsoft Internet Explorer ImageMap URL Spoof Vulnerability Kurczaba Associates advisories (May 17)
- <Possible follow-ups>
- RE: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability Drew Copley (May 17)
- Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability thegeekmeister (May 17)
- Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability Jan Kluka (May 18)
- Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability sandrijeski (May 27)
- Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability Robert J Taylor (May 31)
- Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability Valdis . Kletnieks (May 31)
- Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability Peter Pentchev (May 31)
- Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability http-equiv () excite com (May 27)