New IE Flaw Spoofs URLs
1 min read
Nov 01, 2004
A series of HTML-based exploits allow a malicious HTML programmer to direct a user to a different Web site than the one indicated in the user's browser status line.
Two separate but similar issues affect Internet Explorer. The first, reported by Benjamin Franz of Germany on the Bugtraq mailing list, involves an improper mixture of anchor and table tags, with links to two different sites.
On fully-patched Windows systems prior to Windows XP SP2, users hovering over the link will see one URL in the status bar, but when they click on the link, they will be taken to a different address. On Windows XP SP2, clicking on the link brings the user to the same address indicated in the status line. Users hovering just below the link will see the second address, but clicking in this area does not change the browser location.
The link for this article located at Larry Seltzer is no longer available.
Related Articles
1 - 0 min read
Navigating the Open Source Security Landscape in 2024
1 - 0 min read
Malicious Python Projects Targeting Linux, Windows Systems
1 - 0 min read
RunC Container Escape Flaws Grant Attackers Host Access
1 - 0 min read
Debian and Ubuntu Fix More OpenSSH Vulnerabilities
