Internet Explorer Address Bar Spoofing Vulnerability

Discussion in 'other security issues & news' started by gerardwil, Aug 16, 2004.

Thread Status:
Not open for further replies.
  1. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    The Netherlands
    Description:
    Liu Die Yu has discovered a vulnerability in Internet Explorer, which potentially can be exploited by malicious people to conduct phishing attacks against a user.

    NOTE: Currently known attack vectors do not work on Windows XP systems with SP2 applied.

    http://secunia.com/advisories/12304/

    You can test your browser via the link on this page.
     
  2. Rita

    Rita Infrequent Poster

    Joined:
    Jun 28, 2004
    Posts:
    6,863
    Location:
    wilds of wv
    hello Gerardwil
    thanks for the link i tested my browser and it wasnt vulnerable.
    have a good day
    rita
     
  3. zcv

    zcv Registered Member

    Joined:
    Dec 11, 2002
    Posts:
    355
    Proxomitron will stop it as well.

    Regards - Charles
     
  4. xmp

    xmp Guest

    argh. i have win 98 se, ie 6 sp1 with full patches. with the demo, yahoo.com popped up in bar, then it triggered a flood of windows. it appears to partially work, but i had to close IE.

    i'll download the JS and look at it.
     
Loading...
Thread Status:
Not open for further replies.