TUCoPS :: Browsers :: hack2253.htm

Microsoft Internet Explorer ImageMap URL Spoof vuln
Microsoft Internet Explorer ImageMap URL Spoof Vulnerability 

Microsoft Internet Explorer ImageMap URL Spoof Vulnerability

http://www.kurczaba.com/securityadvisories/0405132.htm 
-------------------------------------------------------------

Vulnerability ID Number:
0405132


Overview:
A vulnerability has been found in Microsoft Internet Explorer. A 
specially coded ImageMap can be used to spoof the URL displayed in the 
lower, left hand corner of the browser.


Vendor:
Microsoft (http://www.microsoft.com) 


Affected Systems/Configuration:
The versions affected by this vulnerability are Microsoft Internet 
Explorer 5 and 6.


Vulnerability/Exploit:
An ImageMap can be used to spoof the URL displayed in the lower, left 
hand of the browser. View the "Proof of Concept" example for details.


Workaround:
None so far.


Proof of Concept:
http://www.kurczaba.com/securityadvisories/0405132poc.htm 


Date Discovered:
May 13, 2004


Severity:
High


Credit:
Paul Kurczaba
Kurczaba Associates
http://www.kurczaba.com/

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH