[35827] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Forward:FullDisclosure/IE - Possible Address Spoofing

daemon@ATHENA.MIT.EDU (Liu Die Yu)
Fri Jul 23 13:42:34 2004

Message-ID: <41005D98.8090601@umbrella.name>
Date: Fri, 23 Jul 2004 08:36:40 +0800
From: Liu Die Yu <liudieyu@umbrella.name>
MIME-Version: 1.0
To: bugtraq@securityfocus.com
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit

-----
SUBJ: FullDisclosure: multiple web browsers, multiple bugs - onUnload 
and location.href
FROM: Rudolf Polzer (divzero_at_gmail.com)
URL : http://seclists.org/lists/fulldisclosure/2004/Jul/1001.html
DEMO: http://www.informatik.uni-frankfurt.de/~polzer/rbiclan/location
-----

after i clicked "Google" on the page, address field of IE was faked - on 
ie6.sp1.up2date running on winxp.home.en.up2date

just got it at iebug.com today.

liudieyu
liudieyu AT umbrella D0T name


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[35827] in bugtraq

Forward:FullDisclosure/IE - Possible Address Spoofing

daemon@ATHENA.MIT.EDU (Liu Die Yu)Fri Jul 23 13:42:34 2004

daemon@ATHENA.MIT.EDU (Liu Die Yu)
Fri Jul 23 13:42:34 2004