[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] Re: Internet Explorer URL parsing vulnerabi lity

To: full-disclosure@lists.netsys.com
Subject: RE: [Full-Disclosure] Re: Internet Explorer URL parsing vulnerabi lity
From: David Vincent <david.vincent@mightyoaks.com>
Date: Thu, 11 Dec 2003 09:22:26 -0800

> On Thu, Dec 11, 2003 at 10:26:06AM -0500, Funk Jr, Joseph C. wrote:
> > Works fine for me same version IE6.0.2800.1106.xpsp2.  
> Sends me to https://paypal.com  Although I did notice that 
> the <button> seems to be a requirement for this vulnerability 
> to work, as using a plain hyperlink <a href> fails for me.
> > 
> Try this one:
> http://petard.freeshell.org/ms-announce.html

displayed as "http://www.microsoft.com%01@slashdot.org/"; in the latest
Firebird 0.7+ nightly.

displayed as "http://www.microsoft.com@slashdot.org/" in Opera 7.23 AFTER
getting a warning about going to an URL which includes a username.

displayed as "http://www.microsoft.com@slashdot.org/" in Avant Browser 8.02
Build 207

displayed as "http://www.microsoft.com"; in IE 6.0.2800.1106

all are on W2k Pro SP4 et al.

-d

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- RE: [Full-Disclosure] Re: Internet Explorer URL parsing vulnerabi lity
  - From: Frank Knobbe <frank@knobbe.us>
- Re: [Full-Disclosure] Re: Internet Explorer URL parsing vulnerabi lity
  - From: Jim Race <caferace@well.com>

Prev by Date: Qwik-Fix >> was: [Full-Disclosure] The *real* reason the pivx unp atched IE flaws page was taken offline?
Next by Date: RE: [Full-Disclosure] Re: Internet Explorer URL parsing vulnerability
Previous by thread: RE: [Full-Disclosure] Re: Internet Explorer URL parsing vulnerabi lity
Next by thread: RE: [Full-Disclosure] Re: Internet Explorer URL parsing vulnerabi lity
Index(es):
- Date
- Thread