Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Spoofing Vulnerability in IE

Posted by CowboyNeal on Thursday December 16, 2004 @12:57PM from the url-b-gone dept.

Jimmy M. writes "A new vulnerability has been announced in Internet Explorer, also affecting XP SP2, which can very easily be exploited by a malicious web site to completely spoof the address bar. The vulnerability is very similar to another vulnerability disclosed just about a year ago called the '%00' vulnerability, which also was widely exploited by phishers. A demonstration is also available."

2 of 372 comments (clear)

Min score:

Reason:

Sort:

Vulnerability Confirmed on Avant Browser by Eyah....TIMMY · 2004-12-16 12:59 · Score: 5, Informative

Using the latest version of Avant Browser, on a fully patched XP SP2 system. It seems obvious since Avant is based on IE but I thought it would be useful to know.

--

It is not enough to have a good mind. The main thing is to use it well. - Rene Descartes (1637)
1. Re:Vulnerability Confirmed on Avant Browser by zarniwoop102939 · 2004-12-16 13:46 · Score: 5, Informative
  
  As suggested in the article, you can block the vulnerability in Avant by disabling ActiveX (Tools | Disable ActiveX). This is how I browse with Avant by default, along with:
  
  - Block Flash
  - Block Popups
  - Block Ads
  - Disable Sounds
  - Disable Videos
  - Disable Java Applets
  
  Makes pages load very fast, and if I need one of those functions for the page I'm on, I just toggle it on for the session.
  
  Between these security features and still having the compatibility of IE, that's why I love Avant so much. Yes I used Firefox for 2 weeks, and went back to Avant.