SecurityTracker.com

SecurityTracker
Archives


 






Category:   Application (Web Browser)  >   Microsoft Internet Explorer (IE)
Vendors:   Microsoft
Microsoft Internet Explorer Lets Remote Users Spoof the Status Bar Address with a Table Within a Link
SecurityTracker Alert ID:  1011987
SecurityTracker URL:  http://securitytracker.com/id/1011987
CVE Reference:   GENERIC-MAP-NOMATCH
Updated:  Oct 31 2004
Original Entry Date:  Oct 29 2004
Impact:   Modification of system information
Exploit Included:  Yes  
Version(s): 6.0 (6.0.2800.1106)
Description:   A vulnerability was reported in Microsoft Internet Explorer (IE). A remote user can spoof URL addresses in the status bar.

Benjamin Tobias Franz reported that a remote user can create HTML with a link that will show an arbitrary URL in the status window when the target user places the mouse over the link.

Some demonstration exploit code is provided.

<a href="http://www.microsoft.com/"><table><tr><td><a
href="http://www.google.com/">Click here</td></tr></table></a>

Version 6.0.2800.1106 is affected. Microsoft Outlook Express is also affected.

Thor Larholm of PivX Solutions reports that this is not a vulnerability, as the ability to modify the status bar is a design feature of many browsers. The modification can be implemented via the 'window.status' property.

[Editor's note: We could not reproduce this on version 6.0.2900.2180 (XP SP2 fully patched).]

Impact:   A remote user can create HTML that will spoof URL addresses in the status bar when the target user places the mouse over the spoofed link.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.microsoft.com/
Cause:   Input validation error
Underlying OS:   Windows (Any)
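
For mail or web content filtering, the markup pattern described in this entry can be detected statically. The Python below is an added example, not part of the original advisory or of any vendor tool; the names NestedLinkFinder and find_nested_links are hypothetical. It reports every link opened inside another still-open link that points to a different host, and notes whether a table sits between the two.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Markup quoted in the advisory above (the inner <a> is left unclosed, as reported).
ADVISORY_SAMPLE = ('<a href="http://www.microsoft.com/"><table><tr><td><a\n'
                   'href="http://www.google.com/">Click here</td></tr></table></a>')

def _host(url):
    """Lower-cased host of a URL, or '' for relative or unparsable values."""
    try:
        return urlsplit(url).hostname or ""
    except ValueError:
        return ""

class NestedLinkFinder(HTMLParser):  # hypothetical name, not a library class
    """Records <a href> elements opened inside another still-open <a href>."""
    def __init__(self):
        super().__init__()
        self.open_elems = []  # stack of (tag, href), innermost last
        self.findings = []    # (outer_href, inner_href, table_between)

    def handle_starttag(self, tag, attrs):
        if tag not in ("a", "table"):
            return
        href = dict(attrs).get("href") if tag == "a" else None
        if href:
            table_between = False
            for kind, outer in reversed(self.open_elems):
                if kind == "table":
                    table_between = True
                elif outer:  # nearest enclosing anchor that carries an href
                    if _host(outer) != _host(href):
                        self.findings.append((outer, href, table_between))
                    break
        self.open_elems.append((tag, href))

    def handle_endtag(self, tag):
        # Close the innermost open element of this kind; tolerate unbalanced markup.
        for i in range(len(self.open_elems) - 1, -1, -1):
            if self.open_elems[i][0] == tag:
                del self.open_elems[i]
                break

def find_nested_links(html):
    finder = NestedLinkFinder()
    finder.feed(html)
    finder.close()
    return finder.findings
```

Each finding is a tuple of the enclosing link target, the nested link target, and a flag that is true when a table element lies between them.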

Message History:   This archive entry has one or more follow-up message(s) listed below.
Nov 2 2004 (Apple Safari is Affected) Microsoft Internet Explorer Lets Remote Users Spoof the Status Bar Address with a Table Within a Link   (Gilbert Verdian <gverdian@neoresearch.org>)
Apple's Safari web browser is also affected by this type of vulnerability.



 Source Message Contents

Date:  Thu, 28 Oct 2004 23:38:16 +0200
Subject:  New URL spoofing bug in Microsoft Internet Explorer


New URL spoofing bug in Microsoft Internet Explorer

There is a security bug in Internet Explorer 6.0.2800.1106 (fully patched),
which allows showing any faked target-address in the status bar of the
window.

The example below will display a faked URL ("http://www.microsoft.com/") in
the status bar of the window, if you move your mouse over the link. Click
on the link and IE will go to "http://www.google.com/" and NOT to
"http://www.microsoft.com/" .

<a href="http://www.microsoft.com/"><table><tr><td><a
href="http://www.google.com/">Click here</td></tr></table></a>

Description: Microsoft Internet Explorer can't handle links surrounded by a
table and another link correctly.

The bug can be exploited using an HTML mail message too.

Affected software: Microsoft Internet Explorer, Microsoft Outlook Express,
...

Workaround: Don't click on non-trusted links. Or right-click on links to
see the real target. Or use Copy-and-Paste.


Regards,
Benjamin Tobias Franz
Germany

 
 



Copyright 2013, SecurityGlobal.net LLC