[Dshield] MSFT Internet Explorer, %01 URL spoofing

Hudak, Tyler Tyler.Hudak at roadway.com
Mon Dec 15 15:58:26 GMT 2003

Has anyone been able to successfuly exploit this via an email received in
Outlook?  I have tried using all of the techniques on Johannes page and each
result in the page being opened, but the URL looking like it should (no
spoofing occuring).

I have Outlook set up in the Restricted security zone, which may be the
reason why this doesn't work.


More information about the list mailing list