• info
• discussion
• exploit
• solution
• references

Microsoft Internet Explorer Password Character Determination Vulnerability

There is no exploit required.