Bugtraq mailing list archives
Re: New URL spoofing bug in Microsoft Internet Explorer
From: "http-equiv () excite com " <1 () malware com>
Date: Thu, 11 Nov 2004 21:15:12 -0000
Since we're going the whole nine yards here, let's toss in the following as well: 1. This will of course give a different reading in the status bar 2. More importantly it will bypass the so-called 'popup blocker' in IE XP SP2 It's a hand-made Excel spreadsheet using OWC11 for Office 2003. One might suspect that the older versions will function the same. [screenshot: http://www.malware.com/xcellente.png 5 KB] Perhaps someone with more knowledge can get it to automate: 'foo.ActiveCell.openHyperlink 'foo.Worksheets(1).Hyperlinks(1).Follow Then you're back in the popup business. Raw functional incomplete demo here: [OWC11: switch on your IE popup blocker] http://www.malware.com/xcellent.html -- http://www.malware.com
Current thread:
- Re: New URL spoofing bug in Microsoft Internet Explorer roozbeh afrasiabi (Nov 09)
- Re: New URL spoofing bug in Microsoft Internet Explorer q q (Nov 16)
- Re: New URL spoofing bug in Microsoft Internet Explorer GuidoZ (Nov 17)
- <Possible follow-ups>
- Re: New URL spoofing bug in Microsoft Internet Explorer http-equiv () excite com (Nov 11)
- RE: New URL spoofing bug in Microsoft Internet Explorer Michael Silk (Nov 17)
- Re: New URL spoofing bug in Microsoft Internet Explorer q q (Nov 16)