Digit Technology Discussion Forum - View Single Post

naveenchandran · 07-04-2006, 11:24 AM

Introduction

Hai Nam Luke has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to conduct phishing attacks.

Please use the test below, to see an example of how this vulnerability can be exploited, and also to determine whether or not your browser is vulnerable.

Test Case / Demonstration

The test will try to open Google.com in a new window after a few seconds it will display content controlled by Secunia (or the attacker/phisher).

For the test check out HERE

Result
You are vulnerable, if a new window is opened and content from Secunia is displayed while the address bar still says "http://www.google.com/".

You are not vulnerable to this particular exploit, if you do not experience the above behaviour.

Credits
The test is based on Proof of Concept code by Hai Nam Luke.

Sources:
http://secunia.com/Internet_Explorer...rability_Test/
http://www.neowin.net/forum/index.php?showtopic=450204

Internet Explorer is the worst ever designed browser in the history of computing :roll:

07-04-2006, 11:24 AM	#1 (permalink)
naveenchandran In The Zone Join Date: May 2004 Location: Hosur Operating System:GNU Posts: 451	New Internet Explorer Exploit Introduction Hai Nam Luke has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to conduct phishing attacks. Please use the test below, to see an example of how this vulnerability can be exploited, and also to determine whether or not your browser is vulnerable. Test Case / Demonstration The test will try to open Google.com in a new window after a few seconds it will display content controlled by Secunia (or the attacker/phisher). For the test check out HERE Result You are vulnerable, if a new window is opened and content from Secunia is displayed while the address bar still says "http://www.google.com/". You are not vulnerable to this particular exploit, if you do not experience the above behaviour. Credits The test is based on Proof of Concept code by Hai Nam Luke. Sources: http://secunia.com/Internet_Explorer...rability_Test/ http://www.neowin.net/forum/index.php?showtopic=450204 Internet Explorer is the worst ever designed browser in the history of computing :roll: __________________ Million's Of Open Minds Can't Be Wrong! http://nc.xmgfree.com/weblog Everybody Wants to go to Heaven...But nobody wants to Die! :wink: