Full Disclosure mailing list archives
Re: Re: Internet Explorer URL parsing vulnerability
From: petard <petard () freeshell org>
Date: Thu, 11 Dec 2003 16:38:19 +0000
On Thu, Dec 11, 2003 at 10:26:06AM -0500, Funk Jr, Joseph C. wrote:
Works fine for me same version IE6.0.2800.1106.xpsp2. Sends me to https://paypal.com Although I did notice that the <button> seems to be a requirement for this vulnerability to work, as using a plain hyperlink <a href> fails for me.
Try this one: http://petard.freeshell.org/ms-announce.html regards, petard -- If your message really might be confidential, download my PGP key here: http://petard.freeshell.org/petard.asc and encrypt it. Otherwise, save bandwidth and lose the disclaimer. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Re: Internet Explorer URL parsing vulnerability, (continued)
- Re: Re: Internet Explorer URL parsing vulnerability Georgi Guninski (Dec 11)
- Re: Re: Internet Explorer URL parsing vulnerability Dark Avenger (Dec 12)
- Re: Re: Internet Explorer URL parsing vulnerability Georgi Guninski (Dec 12)
- Re: RE:Re: RE: FWD: Internet Explorer URL parsing vulnerability Clint Bodungen (Dec 10)
- RE: Re: Internet Explorer URL parsing vulnerability S G Masood (Dec 11)
- RE: Re: Internet Explorer URL parsing vulnerability S G Masood (Dec 12)
- RE: Re: Internet Explorer URL parsing vulnerability Jarkko Turkulainen (Dec 11)
- Re: Re: Internet Explorer URL parsing vulnerability petard (Dec 11)
- Re: Re: Internet Explorer URL parsing vulnerability petard (Dec 11)
- Re: Re: Internet Explorer URL parsing vulnerability John Sage (Dec 11)
- Re: Re: Internet Explorer URL parsing vulnerability Erik van Straten (Dec 12)
- Re: Re: Internet Explorer URL parsing vulnerability Georgi Guninski (Dec 12)