[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] RE: FWD: Internet Explorer URL parsing vulnerability

To: S G Masood <sgmasood@yahoo.com>
Subject: Re: [Full-Disclosure] RE: FWD: Internet Explorer URL parsing vulnerability
From: "S . f . Stover" <attica@stackheap.org>
Date: Tue, 9 Dec 2003 09:16:25 -0500

On 09 Dec 03 10:22:59AM S G Masood[sgmasood@yahoo.com] wrote:
: ># POC ##########
: >http://www.zapthedingbat.com/security/ex01/vun1.htm
: 

Interestingly enough, MSIE for OS X doesn't display this behavior.  My address
bar contained this URL:

http://www.microsoft.com%01@zapthedingbat.com/security/ex01/vun2.htm



-- 

aka Dolph Longhorn
GPG Key ID: 0xF8F859D0
http://pgp.mit.edu:11371/pks/lookup?search=0xF8F859D0&op=index

"There is no such thing as right and wrong, there's just popular opinion."
-Jeffrey Goines

Attachment: pgp00023.pgp
Description: PGP signature

Follow-Ups:
- Re: [Full-Disclosure] RE: FWD: Internet Explorer URL parsing vulnerability
  - From: Jeremiah Cornelius <jeremiah@nur.net>

References:
- [Full-Disclosure] RE: FWD: Internet Explorer URL parsing vulnerability
  - From: S G Masood <sgmasood@yahoo.com>

Prev by Date: Re: [Full-Disclosure] RE: FWD: Internet Explorer URL parsing vulnerability
Next by Date: Re: [Full-Disclosure] RE: FWD: Internet Explorer URL parsing vulnerability
Previous by thread: Re: Re: [Full-Disclosure] RE: FWD: Internet Explorer URL parsing vulnerability
Next by thread: Re: [Full-Disclosure] RE: FWD: Internet Explorer URL parsing vulnerability
Index(es):
- Date
- Thread