Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Re: Internet Explorer Phishing mouseover issue
Feb 23 2006 01:28AM
Steven M. Christey (coley mitre org)
The "http-equiv" and "Gandalf" examples are very similar, but I think
there might be some important distinctions.
1) The http-equiv example (CVE-2004-1104) uses a BASE tag with an href
attribute. In the form, the A tag has an "href=" without a value.
The value of the BASE HREF is displayed...
[ more ]
Copyright 2010, SecurityFocus