Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Browsers :: hack2253.htm

Microsoft Internet Explorer ImageMap URL Spoof vuln



Microsoft Internet Explorer ImageMap URL Spoof Vulnerability

Microsoft Internet Explorer ImageMap URL Spoof Vulnerability

http://www.kurczaba.com/securityadvisories/0405132.htm 
-------------------------------------------------------------

Vulnerability ID Number:
0405132


Overview:
A vulnerability has been found in Microsoft Internet Explorer. A 
specially coded ImageMap can be used to spoof the URL displayed in the 
lower, left hand corner of the browser.


Vendor:
Microsoft (http://www.microsoft.com) 


Affected Systems/Configuration:
The versions affected by this vulnerability are Microsoft Internet 
Explorer 5 and 6.


Vulnerability/Exploit:
An ImageMap can be used to spoof the URL displayed in the lower, left 
hand of the browser. View the "Proof of Concept" example for details.


Workaround:
None so far.


Proof of Concept:
http://www.kurczaba.com/securityadvisories/0405132poc.htm 


Date Discovered:
May 13, 2004


Severity:
High


Credit:
Paul Kurczaba
Kurczaba Associates
http://www.kurczaba.com/ 


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH