BugTraq
Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability
May 27 2004 09:53AM
sandrijeski yahoo com
(3 replies)
In-Reply-To: <40A90108.9000301 (at) kurczaba (dot) com [email concealed]>
I can't see this as a vulnerability because it's legal code. I do something similar, without using an image map, for my site to hide the affiliate tracking code.
This is the code:
<a onmouseover="window.status='http://www.the-url-you-see.com';return true"
title="The Link"
onmouseout="window.status='Whatever-you-like-here';return true"
href='http://www.some-other-url.com'>The link</a>
living example: http://lotdcrew.org/drunkteam_new/page/affiliates.php
------------------------------------------------
>Message-ID: <40A90108.9000301 (at) kurczaba (dot) com [email concealed]>
>Date: Mon, 17 May 2004 14:14:32 -0400
>From: Kurczaba Associates advisories <advisories (at) kurczaba (dot) com [email concealed]>
>To: bugtraq (at) securityfocus (dot) com [email concealed]
>Subject: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability
>
>Microsoft Internet Explorer ImageMap URL Spoof Vulnerability
>
>http://www.kurczaba.com/securityadvisories/0405132.htm
>-------------------------------------------------------------
>
>Vulnerability ID Number:
>0405132
>
>
>Overview:
>A vulnerability has been found in Microsoft Internet Explorer. A
>specially coded ImageMap can be used to spoof the URL displayed in the
>lower, left hand corner of the browser.
>
>
>Vendor:
>Microsoft (http://www.microsoft.com)
>
>
>Affected Systems/Configuration:
>The versions affected by this vulnerability are Microsoft Internet
>Explorer 5 and 6.
>
>
>Vulnerability/Exploit:
>An ImageMap can be used to spoof the URL displayed in the lower, left
>hand of the browser. View the "Proof of Concept" example for details.
>
>
>Workaround:
>None so far.
>
>
>Proof of Concept:
>http://www.kurczaba.com/securityadvisories/0405132poc.htm
>
>
>Date Discovered:
>May 13, 2004
>
>
>Severity:
>High
>
>
>Credit:
>Paul Kurczaba
>Kurczaba Associates
>http://www.kurczaba.com/
>
>
>
Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability
May 28 2004 05:57AM
Peter Pentchev (roam ringlet net)
Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability
May 27 2004 08:01PM
Robert J Taylor (robert rjamestaylor com)
Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability
May 27 2004 07:47PM
Valdis Kletnieks vt edu
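
A defensive check for the pattern shown in the post above, as an added example that is not part of the original message or the advisory: it scans markup for `<a>` and `<area>` elements whose inline event handlers set `window.status` to a URL on a different host than the element's `href`. The sample markup is constructed from the post's placeholder hostnames, and the names `host_of`, `StatusSpoofScanner` and `scan` are this example's own.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# A window.status assignment inside an inline handler; group 2 is the string literal.
STATUS_RE = re.compile(r"""window\.status\s*=\s*(['"])(.*?)\1""", re.I | re.S)

def host_of(text):
    """Host of an absolute http(s) URL, or None if text is not one."""
    try:
        parts = urlsplit(text.strip())
    except ValueError:
        return None
    return parts.hostname if parts.scheme in ("http", "https") else None

class StatusSpoofScanner(HTMLParser):
    """Collects links whose status-bar text names a host other than the href's."""
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag not in ("a", "area"):
            return
        attrs = dict(attrs)  # HTMLParser lowercases attribute names
        actual = host_of(attrs.get("href") or "")
        for name, value in attrs.items():
            if not name.startswith("on") or not value:
                continue
            for _quote, literal in STATUS_RE.findall(value):
                shown = host_of(literal)
                if shown and actual and shown != actual:
                    self.findings.append({"line": self.getpos()[0], "tag": tag,
                                          "event": name, "shown": shown, "actual": actual})

def scan(html):
    """Return one finding per handler whose displayed host differs from the href host."""
    scanner = StatusSpoofScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings

# Constructed sample: the post's snippet (placeholder hosts) plus two benign links.
SAMPLE = """<p>
<a onmouseover="window.status='http://www.the-url-you-see.com';return true"
   onmouseout="window.status='';return true"
   href='http://www.some-other-url.com'>The link</a>
<a href="http://www.example.org/docs"
   onmouseover="window.status='http://www.example.org/';return true">Docs</a>
<a href="http://www.example.org/">plain link</a>
</p>"""
```

Only handlers written inline in the tag are inspected; status text set from external script, or a relative `href`, is outside what this check compares.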