Bugtraq mailing list archives
Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability
From: Jan Kluka <kluka () no-junk-please ii fmph uniba sk>
Date: Tue, 18 May 2004 10:28:23 +0200
On Mon, May 17, 2004 at 01:09:21PM -0800, thegeekmeister () SAFe-mail net wrote:
i find that this apparently works just the same in mozilla firefox on gentoo linux 2004.1. the only way to detect that this is an image, or an image map, at all is to look at the source, or to select the text, as right clicking does not allow saving image or copying image location.
It does NOT work in Mozilla Firefox 0.8 (official GNU/Linux gtk2+xft build). If the cursor is in certain area _around_ the link, the statusbar shows http://www.microsoft.com/, but when the cursor points _at_ the link, the statusbar shows http://www.linux.com/. Jan
-------- Original Message -------- From: Kurczaba Associates advisories <advisories () kurczaba com> Apparently from: bugtraq-return-14371-thegeekmeister=safe-mail.net () securityfocus com To: bugtraq () securityfocus com Subject: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability Date: Mon, 17 May 2004 14:14:32 -0400Microsoft Internet Explorer ImageMap URL Spoof Vulnerability http://www.kurczaba.com/securityadvisories/0405132.htm ------------------------------------------------------------- Vulnerability ID Number: 0405132 Overview: A vulnerability has been found in Microsoft Internet Explorer. A specially coded ImageMap can be used to spoof the URL displayed in the lower, left hand corner of the browser.
(...)
Current thread:
- Microsoft Internet Explorer ImageMap URL Spoof Vulnerability Kurczaba Associates advisories (May 17)
- <Possible follow-ups>
- RE: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability Drew Copley (May 17)
- Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability thegeekmeister (May 17)
- Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability Jan Kluka (May 18)
- Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability sandrijeski (May 27)
- Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability Robert J Taylor (May 31)
- Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability Valdis . Kletnieks (May 31)
- Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability Peter Pentchev (May 31)
- Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability http-equiv () excite com (May 27)