Bugtraq mailing list archives
Re: Phishing using IE7 local resource vulnerability
From: robert () everythingeverything co uk
Date: 15 Mar 2007 15:12:34 -0000
This appears to be mitigated in Vista by Protected Mode, which is on by default, and denies access to local resources. If people decide to disable UAC, they must accept the potential risks that come with it, such as this XSS attack. I appreciate that this is a valid risk for XP.
Current thread:
- Phishing using IE7 local resource vulnerability avivra (Mar 14)
- <Possible follow-ups>
- Re: Phishing using IE7 local resource vulnerability robert (Mar 15)
- RE: Phishing using IE7 local resource vulnerability avivra (Mar 15)