Bugtraq mailing list archives

Re: MSIE7 browser entrapment vulnerability (probably Firefox, too)

From: Michal Zalewski <lcamtuf () dione ids pl>
Date: Mon, 26 Feb 2007 19:11:15 +0100 (CET)

On Fri, 23 Feb 2007, Jeffrey Katz wrote:

Just checked on IE 7.0.5730.11 -- doesn't exhibit problem.


Most certainly does; you might have scripting disabled, or be
experiencing some other anomaly, but for much of the population, the
attack works as advertised on that version.

/mz

Current thread:

MSIE7 browser entrapment vulnerability (probably Firefox, too) Michal Zalewski (Feb 23)
- Firefox: onUnload tailgating (MSIE7 entrapment bug variant) Michal Zalewski (Feb 23)
- Re: MSIE7 browser entrapment vulnerability (probably Firefox, too) Jeffrey Katz (Feb 26)
  - Re: MSIE7 browser entrapment vulnerability (probably Firefox, too) Michal Zalewski (Feb 26)
- <Possible follow-ups>
- RE: MSIE7 browser entrapment vulnerability (probably Firefox, too) perpetualmotionuk (Feb 28)