Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability

From: "Drew Copley" <dcopley () eeye com>
Date: Mon, 17 May 2004 13:08:16 -0700
This bug is identical to malware's, which he posted five days
ago.

http://securityfocus.com/archive/1/362800/2004-05-07/2004-05-13/0

They both utilize the map object to the same end.

This "finding" even uses the same name for the same gif as Malware's
did. 

It does appear to have obfuscated the original work so as to be
confusing, but that is it.


-----Original Message-----
From: Kurczaba Associates advisories [mailto:advisories () kurczaba com] 
Sent: Monday, May 17, 2004 11:15 AM
To: bugtraq () securityfocus com
Subject: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability

Microsoft Internet Explorer ImageMap URL Spoof Vulnerability

http://www.kurczaba.com/securityadvisories/0405132.htm
-------------------------------------------------------------

Vulnerability ID Number:
0405132


Overview:
A vulnerability has been found in Microsoft Internet Explorer. A 
specially coded ImageMap can be used to spoof the URL 
displayed in the 
lower, left hand corner of the browser.


Vendor:
Microsoft (http://www.microsoft.com)


Affected Systems/Configuration:
The versions affected by this vulnerability are Microsoft Internet 
Explorer 5 and 6.


Vulnerability/Exploit:
An ImageMap can be used to spoof the URL displayed in the lower, left 
hand of the browser. View the "Proof of Concept" example for details.


Workaround:
None so far.


Proof of Concept:
http://www.kurczaba.com/securityadvisories/0405132poc.htm


Date Discovered:
May 13, 2004


Severity:
High


Credit:
Paul Kurczaba
Kurczaba Associates
http://www.kurczaba.com/
Previous By Date Next
Previous By Thread Next

Current thread: