[Dshield] MSFT Internet Explorer, %01 URL spoofing
Johannes B. Ullrich
jullrich at sans.org
Mon Dec 15 16:31:53 GMT 2003
On Mon, 2003-12-15 at 10:58, Hudak, Tyler wrote:
> Has anyone been able to successfully exploit this via an email received in
I did manage it in Outlook Express. It did require sending HTML email.
See how this looks in Outlook (I am not able to post html to the list):
or with '<a>' tags:
(some e-mail readers will parse '<a>' tags even in text email.)
> I have tried using all of the techniques on Johannes' page and each
> results in the page being opened, but the URL looking like it should (no
> spoofing occurring).
> I have Outlook set up in the Restricted security zone, which may be the
> reason why this doesn't work.
CTO SANS Internet Storm Center http://isc.sans.org
phone: (617) 786 1563
fax: (617) 786 1550 jullrich at sans.org