|
|
| |
| A weakness has been discovered in Internet Explorer, which can be exploited by malicious people to conduct phishing attacks. |
| |
Credit:
The original article can be found at: http://secunia.com/advisories/22542/
|
| |
Vulnerable Software:
The weakness is confirmed in Internet Explorer 7 on a fully patched Windows XP SP2 system.
It is possible to display a popup with a somewhat spoofed address bar where a number of special characters have been appended to the URL. This makes it possible to only display a part of the address bar, which may trick users into performing certain unintended actions.
Secunia has constructed a demonstration, which is available at:
http://secunia.com/internet_explorer_7_popup_address_bar_spoofing_test/
US-CERT VU#347188
|
|
|
| Subject:
|
Dont work |
Date: |
29 Oct. 2006 |
| From: |
dukeduken.com |
| Don't work, because when you click on the pop-up the full URL is shown |
|
|
|
|
