[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-Disclosure] [SA14304] Internet Explorer/Outlook Express Status Bar Spoofing -- A joke ? (Modifié par ZATAZ)
- To: eromang@xxxxxxxxx
- Subject: [Full-Disclosure] [SA14304] Internet Explorer/Outlook Express Status Bar Spoofing -- A joke ? (Modifié par ZATAZ)
- From: Secunia Security Advisories <sec-adv@xxxxxxxxxxx>
- Date: Thu, 17 Feb 2005 16:08:38 +0100
Hello,
Is this adviso or all other adviso related to the status bar spoofing a
joke ????
If not then Mozilla, Firefox and some other's browsers are vulnerable
to this kind off spoofing .....
Take a look :
http://www.zataz.net/dev/lol-browser-spoofing.html
Vulnerable :
Mozilla (all versions)
Internet Explorer (all versions)
others ....
Firefox :
he display nothing, but normally should display the URL,
it is spoofing ? LOL
Bye, bye status bar, bye bye funny message in status bar, spoofing
paranoiac has kill you.
Regards.
Eric Romang
------------------------------------------------------------------------
--------------------------------------------------
TITLE:
Internet Explorer/Outlook Express Status Bar Spoofing
SECUNIA ADVISORY ID:
SA14304
VERIFY ADVISORY:
http://secunia.com/advisories/14304/
CRITICAL:
Not critical
IMPACT:
Security Bypass
WHERE:
From remote
SOFTWARE:
Microsoft Outlook Express 6
http://secunia.com/product/102/
Microsoft Internet Explorer 6
http://secunia.com/product/11/
DESCRIPTION:
bitlance winter has discovered a weakness in Internet
Explorer/Outlook Express, which can be exploited by malicious people
to trick users into visiting a malicious web site by obfuscating
URLs.
It is by default possible for script code to manipulate information
displayed in the status bar. However, an error allows manipulation of
the status bar without using any script code (e.g. in the "Restricted
sites" zone).
This can be exploited by including a "label" tag for a link, which
manipulates the link's appearance via some specially crafted HTML
code.
This weakness is a variant of:
SA11273
SA11582
SA13015
Example:
<p><a id="SPOOF" href="[malicious_site]"></a></p>
<div>
<a href="[trusted_site]">
<table>
<caption>
<a href="[trusted_site]">
<label for="SPOOF">
<u style="cursor: pointer; color: blue">
[trusted_site]
</u>
</label>
</a>
</caption>
</table>
</a>
</div>
The weakness has been confirmed in version 6.0 on a fully patched
system running Windows XP with SP2 installed. Other versions may also
be affected.
SOLUTION:
Never follow links from untrusted sources.
PROVIDED AND/OR DISCOVERED BY:
bitlance winter
OTHER REFERENCES:
SA11273:
http://secunia.com/advisories/11273/
SA11582
http://secunia.com/advisories/11582/
SA13015:
http://secunia.com/advisories/13015/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=eromang%40zataz.net
----------------------------------------------------------------------
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html