[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Internet Explorer URL parsing vulnerability

To: "bugtraq" <bugtraq@securityfocus.com>
Subject: RE: Internet Explorer URL parsing vulnerability
From: "Mimmus" <dviggiani@tiscali.it>
Date: Thu, 11 Dec 2003 16:55:18 +0100

Can any workaround be used at proxy level? 

I.e. can malicious URLs be blocked using Squid?



Thanks in advance

Domenico Viggiani



> -----Original Message-----

> From: bugtraq@zapthedingbat.com [mailto:bugtraq@zapthedingbat.com]

> Sent: Tuesday, December 09, 2003 3:44 PM

> Subject: Internet Explorer URL parsing vulnerability

> 

> Internet Explorer URL parsing vulnerability

> Vendor Notified 09 December, 2003

> 

> # Vulnerability ##########

> There is a flaw in the way that Internet Explorer displays 

> URLs in the address bar.

> 

> By opening a specially crafted URL an attacker can open a 

> page that appears to be from a different domain from the 

> current location.

Prev by Date: Cyclonic Webmail 4 multiple vulnerabilities
Next by Date: Re: Dell BIOS DoS
Previous by thread: RE: Internet Explorer URL parsing vulnerability
Next by thread: BNCweb File Disclosure Vulnerability
Index(es):
- Date
- Thread