Microsoft Internet Explorer 7 HTTP Authentication International Domain Name Spoofing Weakness

Microsoft Internet Explorer 7 HTTP Authentication International Domain Name Spoofing Weakness

Microsoft Internet Explorer 7 is prone to a weakness that may allow attackers to spoof hostnames in HTTP-authentication dialogs.

Attackers may exploit this vulnerability via a malicious webpage to spoof the origin of an HTTP-authentication dialog that the victim may trust. Attackers may find this issue useful in phishing or other attacks that rely on content spoofing.