Full Disclosure mailing list archives
RE: Re: Internet Explorer URL parsing vulnerability
From: S G Masood <sgmasood () yahoo com>
Date: Thu, 11 Dec 2003 09:14:03 -0800 (PST)
Hello Paul, I posted reply to your message before but it didn't appear on the list. There seems to be some problem with the listserv. This is the second message that was lost in the last 24 hours. --- "Schmehl, Paul L" <pauls () utdallas edu> wrote:
Hey, to be very honest, if this was 0day and thespoof waswell constructed, even you and me would probablyfall for it. ;DReally? I kind of doubt it, since I would never click on a link in an email message that had anything to do with financial matters. I doubt that you would either - 0day or not.
I was talking about a very general form of exploitation, not specifically email links that lead to a financial/banking spoof site. A whole range of social engineering goals can be accomplished by using this vuln., creatively in a subtle way. Subtlety is the key here. Just think about all the possibilities! :) Petard posted a funny example just now - http://petard.freeshell.org/ms-announce.html -- S.G.Masood __________________________________ Do you Yahoo!? Free Pop-Up Blocker - Get it now http://companion.yahoo.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Re: Internet Explorer URL parsing vulnerability, (continued)
- Re: Re: Internet Explorer URL parsing vulnerability Daniel H. Renner (Dec 10)
- Re: Re: Internet Explorer URL parsing vulnerability petard (Dec 10)
- Re: Re: Internet Explorer URL parsing vulnerability Jedi/Sector One (Dec 10)
- Re: Re: Internet Explorer URL parsing vulnerability Valdis . Kletnieks (Dec 10)
- Re: Re: Internet Explorer URL parsing vulnerability Georgi Guninski (Dec 11)
- Re: Re: Internet Explorer URL parsing vulnerability Dark Avenger (Dec 12)
- Re: Re: Internet Explorer URL parsing vulnerability Georgi Guninski (Dec 12)
- Re: RE:Re: RE: FWD: Internet Explorer URL parsing vulnerability Clint Bodungen (Dec 10)
- RE: Re: Internet Explorer URL parsing vulnerability S G Masood (Dec 11)
- RE: Re: Internet Explorer URL parsing vulnerability S G Masood (Dec 12)
- RE: Re: Internet Explorer URL parsing vulnerability Jarkko Turkulainen (Dec 11)
- Re: Re: Internet Explorer URL parsing vulnerability petard (Dec 11)
- Re: Re: Internet Explorer URL parsing vulnerability petard (Dec 11)
- Re: Re: Internet Explorer URL parsing vulnerability John Sage (Dec 11)
- Re: Re: Internet Explorer URL parsing vulnerability Erik van Straten (Dec 12)
- Re: Re: Internet Explorer URL parsing vulnerability Georgi Guninski (Dec 12)