Network Security: Detailed info on RE: New URL spoofing bug in Microsoft Internet Explorer

Subject:	RE: New URL spoofing bug in Microsoft Internet Explorer
Date:	Fri, 29 Oct 2004 19:08:52 -0400

Russ from NTBugTraq helped to clear some of this up. If you hover the
mouse below the actual link to Google - in a very narrow area - the
status bar will show www.microsoft.com, but clicking doesn't do
anything. So it's definitely a stupid error in IE, but the spoofing
angle in SP2 is debatable.

Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blog.ziffdavis.com/seltzer
larryseltzer@ziffdavis.com 
-----Original Message-----
From: GuidoZ [mailto:uberguidoz@gmail.com] 
Sent: Friday, October 29, 2004 3:20 PM
To: Larry Seltzer
Cc: 0-1-2-3@gmx.de; bugtraq@securityfocus.com
Subject: Re: New URL spoofing bug in Microsoft Internet Explorer

Same version I tested, Larry. (Same results too, for the most part.) Try
looking at my page for another example (as I stated in my previous
emails), as well as a way it might "work" in a sense:
 - http://www.guidoz.com/btstatusurl.html

FYI: It seems my emails from 10/28 may have not made it to the list yet
(?). They are included.

--
Peace. ~G


On Thu, 28 Oct 2004 22:14:28 -0400, Larry Seltzer
<larry@larryseltzer.com> wrote:

Windows XP SP2 (IE 6.0.2900.2180.xpsp_sp2_rtm.040803-2158)
Has no problem - the status bar says Google and the click goes to 
Google

Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blog.ziffdavis.com/seltzer
larryseltzer@ziffdavis.com


-----Original Message-----
From: 0-1-2-3@gmx.de [mailto:0-1-2-3@gmx.de]
Sent: Thursday, October 28, 2004 5:38 PM
To: bugtraq@securityfocus.com
Subject: New URL spoofing bug in Microsoft Internet Explorer

New URL spoofing bug in Microsoft Internet Explorer

There is a security bug in Internet Explorer 6.0.2800.1106 (fully 
patched), which allowes to show any faked target-address in the status

bar of the window.

The example below will display a faked URL 
("http://www.microsoft.com/";) in the status bar of the window, if you

move your mouse over the link.

Click on the link and IE will go to "http://www.google.com/"; and NOT 
to "http://www.microsoft.com/"; .

<a href="http://www.microsoft.com/";><table><tr><td><a
href="http://www.google.com/";>Click here</td></tr></table></a>

Description: Microsoft Internet Explorer can't handle links surrounded

by a table and an other link correct.

The bug can be exploited using HTML mail message too.

Affected software: Microsoft Internet Explorer, Microsoft Outlook 
Express, ...

Workaround: Don't click on non-trusted links. Or right-click on links 
to see the real target. Or use Copy-and-Paste.

Regards,
Benjamin Tobias Franz
Germany

<Prev in Thread]	Current Thread	[Next in Thread>
New URL spoofing bug in Microsoft Internet Explorer, 0-1-2-3 RE: New URL spoofing bug in Microsoft Internet Explorer, Larry Seltzer Re: New URL spoofing bug in Microsoft Internet Explorer, GuidoZ RE: New URL spoofing bug in Microsoft Internet Explorer, Larry Seltzer <= Re: New URL spoofing bug in Microsoft Internet Explorer, Christopher J. Pilkington Re: New URL spoofing bug in Microsoft Internet Explorer, GuidoZ Re: New URL spoofing bug in Microsoft Internet Explorer, GuidoZ Re: New URL spoofing bug in Microsoft Internet Explorer, Jérôme Re: New URL spoofing bug in Microsoft Internet Explorer, 0-1-2-3 Re: New URL spoofing bug in Microsoft Internet Explorer, http-equiv@excite.com

Previous by Date:	[VulnWatch] bogofilter-SA-2004-01: RFC 2047 Denial-of-service in 0.17.4 <= bogofilter <= 0.92.7, Matthias Andree
Next by Date:	Re: New URL spoofing bug in Microsoft Internet Explorer, http-equiv@excite.com
Previous by Thread:	Re: New URL spoofing bug in Microsoft Internet Explorer, GuidoZ
Next by Thread:	Re: New URL spoofing bug in Microsoft Internet Explorer, Christopher J. Pilkington
Indexes:	[Date] [Thread] [Top] [All Lists]