Bugtraq mailing list archives
Re: IE7 website security certificate discrediting exploit
From: inge_eivind.henriksen () chello no
Date: 7 Nov 2006 19:00:32 -0000
There is a similar bug with ieframe-dll's sslnavcancel.htm. I also found that if you use ieframe.dll's http_410.htm you can make a link that says "The webpage no longer exists" with a spoof'ed address. POC's is at my blog as comments to the original article.
Current thread:
- IE7 website security certificate discrediting exploit inge_eivind . henriksen (Nov 06)
- <Possible follow-ups>
- Re: IE7 website security certificate discrediting exploit inge_eivind . henriksen (Nov 07)