[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IE7 website security certificate discrediting exploit

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: IE7 website security certificate discrediting exploit
From: inge_eivind.henriksen@xxxxxxxxx
Date: 7 Nov 2006 19:00:32 -0000

There is a similar bug with ieframe-dll's sslnavcancel.htm. I also found that 
if you use ieframe.dll's http_410.htm you can make a link that says "The 
webpage no longer exists" with a spoof'ed address. POC's is at my blog as 
comments to the original article.

Prev by Date: News publication system remote File include
Next by Date: DigiOz Guestbook version 1.7 Path Disclosure Vulnerability in list.php
Previous by thread: IE7 website security certificate discrediting exploit
Next by thread: GreenBeast CMS <= 1.3 PHP Arbitrary File Upload Vulnerability
Index(es):
- Date
- Thread