Bugtraq mailing list archives
RE: Internet Explorer URL parsing vulnerability
From: "Mimmus" <dviggiani () tiscali it>
Date: Thu, 11 Dec 2003 16:55:18 +0100
Can any workaround be used at proxy level? I.e. can malicious URLs be blocked using Squid? Thanks in advance Domenico Viggiani
-----Original Message-----
From: bugtraq () zapthedingbat com [mailto:bugtraq () zapthedingbat com]
Sent: Tuesday, December 09, 2003 3:44 PM
Subject: Internet Explorer URL parsing vulnerability
Internet Explorer URL parsing vulnerability
Vendor Notified 09 December, 2003
# Vulnerability ##########
There is a flaw in the way that Internet Explorer displays
URLs in the address bar.
By opening a specially crafted URL an attacker can open a
page that appears to be from a different domain from the
current location.
Current thread:
- Re: Internet Explorer URL parsing vulnerability, (continued)
- Message not available
- Re: Internet Explorer URL parsing vulnerability Eric "MightyE" Stevens (Dec 09)
- Internet Explorer URL parsing vulnerability John W. Noerenberg II (Dec 09)
- Re: Internet Explorer URL parsing vulnerability Pedro Castro (Dec 10)
- Re: Internet Explorer URL parsing vulnerability William Stockall (Dec 10)
- Re: Internet Explorer URL parsing vulnerability Andreas Plesner Jacobsen (Dec 10)
- Re: Internet Explorer URL parsing vulnerability Charles Richmond (Dec 11)
- Re: Internet Explorer URL parsing vulnerability Tiago Pierezan Camargo (Dec 10)
- Re: Internet Explorer URL parsing vulnerability Pedro Castro (Dec 10)