Bugtraq mailing list archives

Re: Yet another Hotmail security hole - injecting JavaScript in

From: nick () VIRUS-L DEMON CO UK (Nick FitzGerald)
Date: Wed, 5 Jan 2000 15:58:33 +1200

Georgi Guninski security advisory #2, 2000

Yet another Hotmail security hole - injecting JavaScript in IE using
<IMG DYNRC="javascript:....">

<<snip>>

It would be nice to think that while fixing the previous hole
(<IMG LOWSRC="javascript:....">), one or two of the MS/Hotmail
security staff might have wondered "What other parameters on this and
other tags may be similarly exploitable?".

Yeah, right...

I note that no browser fixes have been notified/posted yet, or is
this a Hotmail-only hole (i.e. "expected behaviour" in the browser)?

Regards,

Nick FitzGerald

Current thread:

Yet another Hotmail security hole - injecting JavaScript in IE using <IMG DYNRC="javascript:...."> Georgi Guninski (Jan 04)
- Re: Yet another Hotmail security hole - injecting JavaScript in Nick FitzGerald (Jan 04)