[VULNERABLE] Internet Explorer/Outlook Express

01/04/2004 - 18:07 by Ille Corvus
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Internet Explorer/Outlook Express Restricted Zone Status Bar Spoofing

Critical: Not critical
Impact: Security Bypass
Where: From remote

Software: Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6
Microsoft Outlook Express 5
Microsoft Outlook Express 5.5
Microsoft Outlook Express 6

Description:
http-equiv has discovered a weakness in Internet Explorer which can be
exploited by malicious people to trick users into visiting a malicious
website.

Script code can normally manipulate the information displayed in the
status bar. However, an error in Internet Explorer allows the status bar
to be manipulated without any script code, by embedding a specially
crafted form inside a link. When the user hovers over the form's submit
control, styled to look like an ordinary link, the status bar shows the
HREF of the enclosing <A> element, but clicking submits the form to the
URL in the form's ACTION attribute.

Example:
<!-- On hover the status bar shows the HREF of this enclosing link: -->
<A HREF="http://[trusted_site]/">
<!-- ...but a click on the submit control below sends the form here: -->
<FORM action=http://[malicious_site]/ method=get>
<!-- Submit control styled to look like an ordinary blue underlined link, -->
<!-- with the trusted URL as its visible label; no script involved. -->
<INPUT style="BORDER-RIGHT: 0pt; BORDER-TOP: 0pt; FONT-SIZE: 10pt;
BORDER-LEFT: 0pt; CURSOR: hand; COLOR: blue; BORDER-BOTTOM: 0pt;
BACKGROUND-COLOR: transparent; TEXT-DECORATION: underline"
type=submit value=http://[trusted_site]/>
</A>

This also affects Outlook Express, as it uses the same HTML rendering
engine as Internet Explorer. Outlook Express users may place particular
trust in the status bar, since HTML mail is rendered in the context of
the "Restricted" zone, where scripting is disabled and script-based
status bar manipulation is therefore not possible; this technique needs
no script.

Successful exploitation may result in a user being tricked into
visiting a malicious website by following a specially crafted link.

The problem has been confirmed in versions 5.01 and 6. Version 5.5 is
likely also affected.


Solution:
Never follow links from untrusted sources.

Source: http://secunia.com/advisories/11273/
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Ille Corvus.
"Whoever is authentic assumes responsibility for being what he is and recognizes himself as free to be what he is. (Jean Paul Sartre)"
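
As an added example, not part of the Secunia advisory or of the original post: a Python checker that flags the pattern described above in HTML mail or pages, namely a <form> opened inside an <a>. It compares the host of the anchor's HREF (what the status bar shows on hover) with the host of the form's ACTION (where a click actually goes), and also flags a submit control whose visible label is a URL on a different host than its action. It relies only on the standard library's html.parser and urllib.parse; the sample markup and the hostnames www.example-bank.test and attacker.example are constructed for this example.

```python
"""Added example: flag the <form>-inside-<a> status bar spoof in HTML.

Standard library only. The sample markup and hostnames below are
constructed for this example; they are not from the advisory.
"""
from html.parser import HTMLParser
from urllib.parse import urlparse


def host_of(url):
    """Lower-case hostname of a URL, or '' for relative/malformed values."""
    try:
        return (urlparse(url.strip()).hostname or "").lower()
    except ValueError:
        return ""


class LinkFormAuditor(HTMLParser):
    """Records every <form> opened while an <a> is still open.

    In the spoof, the status bar shows the <a> HREF on hover while a click
    on the form's submit control goes to the form ACTION, so both are kept.
    """

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.anchor_href = None      # HREF of the currently open <a>, if any
        self.in_nested_form = False  # inside a <form> that sits inside that <a>
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)          # valueless attributes arrive as None
        if tag == "a":
            self.anchor_href = attrs.get("href") or ""
        elif tag == "form" and self.anchor_href is not None:
            self.in_nested_form = True
            self.findings.append({
                "shown": self.anchor_href,           # what the status bar displays
                "real": attrs.get("action") or "",   # where the click really goes
                "labels": [],                        # visible text of submit controls
            })
        elif tag == "input" and self.in_nested_form:
            if (attrs.get("type") or "").lower() in ("submit", "image", "button"):
                self.findings[-1]["labels"].append(attrs.get("value") or "")

    def handle_endtag(self, tag):
        if tag == "form":
            self.in_nested_form = False
        elif tag == "a":
            # The advisory's markup never closes the FORM, so </A> ends both.
            self.anchor_href = None
            self.in_nested_form = False


def audit(html):
    """Return the nested-form findings, each with two verdict flags."""
    parser = LinkFormAuditor()
    parser.feed(html)
    parser.close()
    for f in parser.findings:
        shown, real = host_of(f["shown"]), host_of(f["real"])
        # Hover text and click target are on different hosts.
        f["host_mismatch"] = shown != real
        # A submit control labelled with a URL that is not where it submits to.
        f["label_mismatch"] = any(
            host_of(v) and host_of(v) != real for v in f["labels"])
    return parser.findings


def is_spoofed(html):
    return any(f["host_mismatch"] or f["label_mismatch"] for f in audit(html))


# Constructed sample: the advisory's pattern with made-up hostnames.
SPOOF_SAMPLE = """<A HREF="http://www.example-bank.test/">
<FORM action=http://attacker.example/ method=get>
<INPUT style="BORDER-RIGHT: 0pt; BORDER-TOP: 0pt; FONT-SIZE: 10pt;
BORDER-LEFT: 0pt; CURSOR: hand; COLOR: blue; BORDER-BOTTOM: 0pt;
BACKGROUND-COLOR: transparent; TEXT-DECORATION: underline"
type=submit value=http://www.example-bank.test/>
</A>"""

# Constructed benign sample: a link and a separate, non-nested form.
BENIGN_SAMPLE = """<a href="http://www.example-bank.test/login">Log in</a>
<form action="/search" method="get"><input type="submit" value="Search"></form>"""

if __name__ == "__main__":
    for name, sample in (("spoof", SPOOF_SAMPLE), ("benign", BENIGN_SAMPLE)):
        for f in audit(sample):
            print(f"{name}: hover shows {f['shown']!r}, click goes to {f['real']!r}, "
                  f"host_mismatch={f['host_mismatch']}, label_mismatch={f['label_mismatch']}")
        print(f"{name}: spoofed={is_spoofed(sample)}")
```

A nested form whose action is on the same host as the anchor and whose label is not a URL is still recorded but gets no verdict, so a mail filter can log that case at lower severity while blocking or rewriting the two mismatch cases.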
 


#1 Anonimo
01/04/2004 - 18:48
Could you put all that information in Spanish so that those of us
who are not polyglots can understand what it explains.

Thanks
