Vulnerability Development mailing list archives

RE: Odd MSIE html parsing

From: "Golden_Eternity" <bhodi_jabir () yahoo com>
Date: Wed, 2 Jan 2002 10:45:22 -0800

Wasn't able to reproduce this with patched IE6 on 2k.

-----Original Message-----
From: Matthew S. Hallacy [mailto:poptix () techmonkeys org]
Sent: Wednesday, January 02, 2002 5:36 AM
To: vuln-dev () securityfocus com
Subject: Odd MSIE html parsing


I recieved an odd spam today, the links were obfuscated as follows:

<A
HREF="http://www.ca1.waredet.net.co.fr^T^B^T^E^T|https.travel.bzah.com^B">

clicking on the link in MSIE shows the following in the address bar:
'http://www.ca1.waredet.net.co.fr(?????)|https.travel.bzah.com/'
while it's really going to https.travel.bzah.com (a stupid
angelfire spam site,
die die die)

Comments? I'm curious as to why MSIE allows control characters in the url
like this, it didn't work in Mozilla.

                              - Matthew S. Hallacy
--

Current thread:

Odd MSIE html parsing Matthew S. Hallacy (Jan 02)
- RE: Odd MSIE html parsing Golden_Eternity (Jan 02)
  - Re: Odd MSIE html parsing Florian Hobelsberger / BlueScreen (Jan 17)