Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: RE: FWD: Internet Explorer URL parsing vulnerability

From: "VeNoMouS" <venom () gen-x co nz>
Date: Wed, 10 Dec 2003 21:51:01 +1300
and as for the why the %01 works, i can only assume as %01 is a non
printable character IE stops it there, its the same as if u would use %02
and so on, or are you that moronic you dont understand character sets?




----- Original Message ----- 
From: "S G Masood" <sgmasood () yahoo com>
To: <full-disclosure () lists netsys com>
Sent: Wednesday, December 10, 2003 8:06 PM
Subject: Re: [Full-disclosure] RE: FWD: Internet Explorer URL parsing
vulnerability




--- VeNoMouS <venom () gen-x co nz> wrote:


umm tested this you dont need %01
either btw.

www.microsoft.com () www linux org



What is your point? Have you read the original post?


Apart from this, does anyone have a "lowlevel"
explanation why the %01 trick works?


--
iNt27~





__________________________________
Do you Yahoo!?
Free Pop-Up Blocker - Get it now
http://companion.yahoo.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: