Slashdot Mirror


New Spoofing Vulnerability in IE

Jimmy M. writes "A new vulnerability has been announced in Internet Explorer, also affecting XP SP2, which can very easily be exploited by a malicious web site to completely spoof the address bar. The vulnerability is very similar to another vulnerability disclosed just about a year ago called the '%00' vulnerability, which also was widely exploited by phishers. A demonstration is also available."

4 of 372 comments (clear)

  1. Yet another reason... by sjrstory · · Score: -1, Redundant

    ...to move to Firefox..

  2. Comment removed by account_deleted · · Score: 0, Redundant

    Comment removed based on user account deletion

  3. Does anyone really care anymore? by The+Foo · · Score: -1, Redundant

    Just use Firefox and you're not affected.

    --
    http://www.macinhack.com
  4. javascript by spisska · · Score: 0, Redundant

    I'm running SP1, but when I hover on the test link my status bar says:

    javascript:start();

    Maybe it's an exploit, but I wouldn't fall for it.