Bugtraq mailing list archives
Re: [IE 6 SP2] Possible URL Spoofing
From: "http-equiv () excite com" <1 () malware com>
Date: Sat, 16 Oct 2004 20:58:58 -0000
<!-- javascript:document.write("<iframe src='http://www.google.com' width='100%' height='100%'></iframe>"); --> This is representative of a generic cross-site-scripting situation. The homepage idea is a good one, but to date it seems impossible to break the silly security warning. From a site aspect you just need a 'hole' to penetrate and effect your code. oh dear...perhaps like this one: http://www.malware.com/dload.html -- http://www.malware.com
Current thread:
- [IE 6 SP2] Possible URL Spoofing Andrew Hunter (Oct 15)
- Re: [IE 6 SP2] Possible URL Spoofing Paul Kurczaba (Oct 18)
- <Possible follow-ups>
- Re: [IE 6 SP2] Possible URL Spoofing http-equiv () excite com (Oct 18)
- RE: [IE 6 SP2] Possible URL Spoofing Dror Shalev (Oct 19)