RE: Forward:FullDisclosure/IE - Possible Address Spoofing

[Chenghuai Lu <luchenghuai () yahoo com>]

Could this be related web caching or something? I use
google as my default homepage in IE and I access
internet through a web proxy.

--- Michael Silk <michaels () phg com au> wrote:

> Hello,
>
>       Without knowing, it may treat some sites
> differently due to the time required it physically
> takes to download the data.
>
> -- Michael
>
> -----Original Message-----
> From: Chenghuai Lu [mailto:luchenghuai () yahoo com]
> Sent: Tuesday, 27 July 2004 1:00 AM
> To: bugtraq () securityfocus com
> Subject: RE: Forward:FullDisclosure/IE - Possible
> Address Spoofing
>
>
> I played the exploit using IE5 and IE6. I observed
> some strange behaviors. Under IE5 no sp when I click
> the link, the IE will open the urls specified in the
> href, i.e., microsoft, google and slatdot first.
> Then,
> the IE will redirect the window to the url specified
> in onunload. Under IE6 sp1, the IE will directly
> open
> the url specified in onunload. But for the specific
> example of google.com, the IE copies the content of
> google page and opens it in the local domain. The
> screenshots are attached in the email. Two
> questions:
>
> 1. Why does IE6 treat Microsoft.com, slatdot.com and
> google.com differently? 
> 2. Does this mean that, google can execute code with
> local privilege in my computer? 
>
> -----
> SUBJ: FullDisclosure: multiple web browsers,
> multiple
> bugs - onUnload 
> and location.href
> FROM: Rudolf Polzer (divzero_at_gmail.com)
> URL :
http://seclists.org/lists/fulldisclosure/2004/Jul/1001.html
> DEMO:
http://www.informatik.uni-frankfurt.de/~polzer/rbiclan/location
> -----
>
> after i clicked "Google" on the page, address field
> of
> IE was faked - on 
> ie6.sp1.up2date running on winxp.home.en.up2date
>
> just got it at iebug.com today.
>
> liudieyu
> liudieyu AT umbrella D0T name
>
>
>
>
>               
> __________________________________
> Do you Yahoo!?
> New and Improved Yahoo! Mail - Send 10MB messages!
> http://promotions.yahoo.com/new_mail 
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam?  Yahoo! Mail has the best spam
> protection around 
> http://mail.yahoo.com 
>
>
> This email message and accompanying data may contain
> information that is confidential and/or subject to
> legal privilege. If you are not the intended
> recipient, you are notified that any use,
> dissemination, distribution or copying of this
> message or data is prohibited. If you have received
> this email message in error, please notify us
> immediately and erase all copies of this message and
> attachments.
>
> This email is for your convenience only, you should
> not rely on any information contained herein for
> contractual or legal purposes. You should only rely
> on information and/or instructions in writing and on
> company letterhead signed by authorised persons.



                
__________________________________
Do you Yahoo!?
New and Improved Yahoo! Mail - Send 10MB messages!
http://promotions.yahoo.com/new_mail