Bugtraq mailing list archives
RE: Internet Explorer Document.Open() Without Close() Cookie Stea ling, File Reading, Site Spoofing Bug
From: CDE Francis <fuy () jhu edu>
Date: Wed, 26 Dec 2001 09:48:05 -0500
> From: the Pull [mailto:osioniusx () yahoo com] > > Exploits: http://www.osioniusx.com > "cookieStealing.html" - This opens Yahoo.com andsteals the cookie. "FileReading.html" - This opens up C:\test.txt and then reads it.> "SiteSpoofing.html" - This spoofs www.chase.com --
None of the exploits at osioniusx.com work on IE 5.x for MacOS. -- Francis Uy, Web Coordinator http://www.cty.jhu.edu/cde/ 410-516-0162
Current thread:
- RE: Internet Explorer Document.Open() Without Close() Cookie Stea ling, File Reading, Site Spoofing Bug Dawes, Rogan (ZA - Johannesburg) (Dec 20)
- <Possible follow-ups>
- RE: Internet Explorer Document.Open() Without Close() Cookie Stea ling, File Reading, Site Spoofing Bug Siddik, Syaefullah (Dec 20)
- RE: Internet Explorer Document.Open() Without Close() Cookie Stea ling, File Reading, Site Spoofing Bug CDE Francis (Dec 26)