Full Disclosure mailing list archives
RE: Re: Internet Explorer URL parsing vulnerabi lity
From: David Vincent <david.vincent () mightyoaks com>
Date: Thu, 11 Dec 2003 09:22:26 -0800
On Thu, Dec 11, 2003 at 10:26:06AM -0500, Funk Jr, Joseph C. wrote:Works fine for me same version IE6.0.2800.1106.xpsp2.Sends me to https://paypal.com Although I did notice that the <button> seems to be a requirement for this vulnerability to work, as using a plain hyperlink <a href> fails for me.Try this one: http://petard.freeshell.org/ms-announce.html
displayed as "http://www.microsoft.com%01 () slashdot org/" in the latest Firebird 0.7+ nightly. displayed as "http://www.microsoft.com@slashdot.org/" in Opera 7.23 AFTER getting a warning about going to an URL which includes a username. displayed as "http://www.microsoft.com@slashdot.org/" in Avant Browser 8.02 Build 207 displayed as "http://www.microsoft.com" in IE 6.0.2800.1106 all are on W2k Pro SP4 et al. -d _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Re: Internet Explorer URL parsing vulnerabi lity David Vincent (Dec 10)
- <Possible follow-ups>
- RE: Re: Internet Explorer URL parsing vulnerabi lity David Vincent (Dec 11)
- RE: Re: Internet Explorer URL parsing vulnerabi lity Frank Knobbe (Dec 11)
- Re: Re: Internet Explorer URL parsing vulnerabi lity Jim Race (Dec 11)
- Re: Re: Internet Explorer URL parsing vulnerabi lity Jim Race (Dec 11)
- Re: Re: Internet Explorer URL parsing vulnerabi lity Heikki Toivonen (Dec 11)
- Re: Re: Internet Explorer URL parsing vulnerabi lity Dave Sherohman (Dec 11)
- Re: Re: Internet Explorer URL parsing vulnerabi lity Nick FitzGerald (Dec 11)
- RE: Re: Internet Explorer URL parsing vulnerabi lity Bill Royds (Dec 11)
- Re: Re: Internet Explorer URL parsing vulnerabi lity William Warren (Dec 11)
- Re: Re: Internet Explorer URL parsing vulnerabi lity Peter Moody (Dec 11)