We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Internet Explorer Vulnerability - IMPORTANT
Options
antonios_2
Posts: 24 Forumite
in Techie Stuff
FYI : This website offers a test to check whether your browser is vulnerable to a phishing flaw
http://secunia.com/Internet_Explorer_Address_Bar_Spoofing_Vulnerability_Test/
Guess what !!! INTERNET EXPLORER MAY DISPLAY A LEGITIMATE ADDRESS WHILE YOU ARE VIEWING A WEBPAGE FROM A BOGUS WEBSITE
IE is totally vulnerable to this flaw!
I tested the same page with FIREFOX and everyhting was OK!!
Microsoft is still working on a patch....
You have been warned :money:
Cheers! :beer:
http://secunia.com/Internet_Explorer_Address_Bar_Spoofing_Vulnerability_Test/
Guess what !!! INTERNET EXPLORER MAY DISPLAY A LEGITIMATE ADDRESS WHILE YOU ARE VIEWING A WEBPAGE FROM A BOGUS WEBSITE
IE is totally vulnerable to this flaw!
I tested the same page with FIREFOX and everyhting was OK!!
Microsoft is still working on a patch....
You have been warned :money:
Cheers! :beer:
Two things are infinite: the universe and human stupidity; and I'm not sure about the universe.
Albert Einstein (1879 - 1955) :beer:
Albert Einstein (1879 - 1955) :beer:
0
Comments
-
I'm not sure IE is vulnerable to this so-called flaw. The secunia page is shown when they say it would be google - the back button goes to Google, so all they have done is call two sites up.
Are you sure about this information?0 -
Yes it is a flaw. Yes IE is vulnerable. The flaw is a race condition exploit where you goto one page, setting the title and then using javascript open a second window.
Code from the secunia site is:
openWin('http://www.google.com/');
setTimeout("openWin('/19521_swf/?" + Math.random() + "');", 300);
setTimeout("openWin('/19521_swf_result/');", 2500);
As the example says you can think you are on one site and actually be somewhere completely different.
Also affects IE 7 beta 2 - doesn't affect Opera btw.
Also worth visiting http://bcheck.scanit.be/bcheck/ to see what holes are in your browser - no matter which one you'veThey promised the earth...and delivered mud. Technically though it did meet the spec.0 -
The Browser Security Test is finished. Please find the results below:
High Risk Vulnerabilities 0
Medium Risk Vulnerabilities 0
Low Risk Vulnerabilities 0
I am running Internet Explorer. Hmm..."Whenever you find yourself on the side of the majority, it's time to pause and reflect." - Mark Twain0 -
Yep - they stopped updating last year sometime - I discovered that after I'd posted the link - sorry. This means that the latest bunch of browser issues are not included.
Worth a visit to the secunia site to see what unpatched 'features' are in your browser - they sometimes include demonstration exploit code to test:
For Internet Explorer: http://secunia.com/product/11/
For Opera: http://secunia.com/product/4932/
For Firefox/Mozilla: http://secunia.com/product/4227/They promised the earth...and delivered mud. Technically though it did meet the spec.0 -
redux wrote:I'm not sure IE is vulnerable to this so-called flaw. The secunia page is shown when they say it would be google - the back button goes to Google, so all they have done is call two sites up.
Are you sure about this information?
Ye mate its a massive flaw.
Microsoft have confirmed it and say they're working on a patch...
Listen to the security Now podcast :P got it all on there[FONT=Arial, Helvetica, sans-serif]"The internet is a great way to get on the net."
- Bob Dole, Republican presidential candidate[/FONT]0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 351.1K Banking & Borrowing
- 253.2K Reduce Debt & Boost Income
- 453.6K Spending & Discounts
- 244.1K Work, Benefits & Business
- 599.1K Mortgages, Homes & Bills
- 177K Life & Family
- 257.4K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards