Pank's Blog: Internet Explorer Window Loading Race Condition Address Bar Spoofing

April 07, 2006

Internet Explorer Window Loading Race Condition Address Bar Spoofing

Internet Explorer Window Loading Race Condition Address Bar Spoofing
Internet Explorer Address Bar Spoofing Vulnerability Test
此漏洞可以讓 IE 在網址列秀出假造的 URL, 可能會被詐騙/釣魚網站所利用.
其他 IE base 的瀏覽器:
MyIE 0.9.27.68 Not vulnerable (出現兩頁)
Maxthon 1.5.2 Build 21 Not vulnerable (Blocked)
KKMan 2.1.401 Vulnerable
KKMan 3.00 Vulnerable
PCMan 2004 Combo Vulnerable
ref. ChrisTorng: IE 6/7 位址列漏洞

Posted by pank at April 7, 2006 08:37 PM

Comments

Post a comment