AOH :: Windows Net Apps :: B06-5622.HTM

AOH :: Windows Net Apps :: B06-5622.HTM
IE7 website security certificate discrediting exploit

IE7 website security certificate discrediting exploit IE7 website security certificate discrediting exploit


** Inge Henriksen Security Advisory - Full Disclosure Proof of Concept at http://ingehenriksen.blogspot.com/ ** 

Advisory Name: IE7 website security certificate discrediting exploit 
Tested and Confirmed Vulnerable: Microsoft(R) Internet Explorer(R) 7 
Severity: Low 
Type: Spoof 
>From where: Remote 
Discovered by: Inge Henriksen (http://ingehenriksen.blogspot.com/) 
Vendor Status: Notified 
Overview: 

It is possible to create a link in Microsoft(R) Internet Explorer(R) 7 that discredits a websites security certificate. The bad design is in the ieframe.dll's embedded invalidecert.htm.

Full Disclosure Proof of Concept at http://ingehenriksen.blogspot.com/

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better). Site design & layout copyright © 1986-2009 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.