SecurityTracker.com
Category:   Application (Web Browser)  >   Apple Safari
Vendors:   Apple Computer
(Apple Safari is Affected) Microsoft Internet Explorer Lets Remote Users Spoof the Status Bar Address with a Table Within a Link
SecurityTracker Alert ID:  1012030
SecurityTracker URL:  http://securitytracker.com/id/1012030
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Nov 2 2004
Impact:   Modification of system information
Exploit Included:  Yes  
Version(s): 1.2.3
Description:   A vulnerability was reported in Microsoft Internet Explorer (IE). A remote user can spoof URL addresses in the status bar. Apple's Safari is also affected.

It is reported that a remote user can create HTML with a link that will show an arbitrary URL in the status window when the target user places the mouse over the link.

Some demonstration exploit code is provided.

<a href="http://www.microsoft.com/"><table><tr><td><a
href="http: //www.google.com/">Click here</td></tr></table></a>

This vulnerability was originally reported by Benjamin Tobias Franz to affect Microsoft Internet Explorer. Gilbert Verdian later reported that the vulnerability also affects Apple Safari.

Some examples are available at:

http://www.neoresearch.org/[neo]safari_url_spoof.html

Thor Larholm of PivX Solutions reports that this is not a vulnerability, as the ability to modify the status bar is a design feature of many browsers. The modification can be implemented via the 'window.status' property.
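
A content filter or mail gateway can flag the markup pattern shown above before it reaches a browser. The following is an added example, not code from the advisory or from any vendor: it uses Python's standard html.parser to report any link opened inside another still-open link, and the class and function names are illustrative.

```python
# Added example (not from the advisory); all names here are illustrative.
from html.parser import HTMLParser
from urllib.parse import urlsplit

def host_of(href):
    """Host of an href; tolerates stray whitespace such as 'http: //host/'."""
    return (urlsplit("".join(href.split())).hostname or "").lower()

class NestedLinkFinder(HTMLParser):
    """Records every <a href> that opens while another <a href> is still open."""

    def __init__(self):
        super().__init__()
        self.stack = []     # open ("a", href) / ("table", None) entries, in order
        self.findings = []  # one dict per nested link

    def handle_starttag(self, tag, attrs):
        if tag == "table":
            self.stack.append(("table", None))
        elif tag == "a":
            href = dict(attrs).get("href")
            outer = [i for i, (t, h) in enumerate(self.stack) if t == "a" and h]
            if href and outer:
                i = outer[-1]  # nearest enclosing link
                self.findings.append({
                    "outer": self.stack[i][1],
                    "inner": href,
                    "via_table": any(t == "table" for t, _ in self.stack[i + 1:]),
                    "hosts_differ": host_of(self.stack[i][1]) != host_of(href),
                })
            self.stack.append(("a", href))

    def handle_endtag(self, tag):
        # Closing a table or link also closes anything left open inside it.
        for i in range(len(self.stack) - 1, -1, -1):
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break

def find_nested_links(html):
    finder = NestedLinkFinder()
    finder.feed(html)
    finder.close()
    return finder.findings

# Sample inputs: the markup quoted in the advisory, and a constructed benign table.
ADVISORY_MARKUP = ('<a href="http://www.microsoft.com/"><table><tr><td><a\n'
                   'href="http: //www.google.com/">Click here</td></tr></table></a>')
BENIGN_MARKUP = ('<table><tr><td><a href="http://example.com/a">one</a></td>'
                 '<td><a href="http://example.com/b">two</a></td></tr></table>')
```

A finding with both `via_table` and `hosts_differ` set matches the structure of the demonstration markup; an ordinary table of links produces no findings.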

Impact:   A remote user can create HTML that will spoof URL addresses in the status bar when the target user places the mouse over the spoofed link.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.apple.com/
Cause:   Input validation error
Underlying OS:   UNIX (OS X)

Message History:   This archive entry is a follow-up to the message listed below.
Oct 29 2004 Microsoft Internet Explorer Lets Remote Users Spoof the Status Bar Address with a Table Within a Link



 Source Message Contents

Date:  Mon, 1 Nov 2004 01:21:35 +1100
Subject:  Safari vulnerable to URL spoofing


Following the discovery by Benjamin Tobias Franz for spoofing URLs in 
IE by using tables within links.

http://www.packetstormsecurity.nl/0410-advisories/msieLink.txt

It is possible to spoof URLs under OS X in the latest Safari browser 
1.2.3 (v125.9) by using the same method.
Ironically, this does not work with Internet Explorer on OS X version 
5.2.3 (5815.1).

Tested on OS X 10.3.5 (build 7M34) with latest software update.

Further details and example at 
http://www.neoresearch.org/[neo]safari_url_spoof.html

regards,

Gilbert Verdian
neoresearch.org

 
 


Copyright 2012, SecurityGlobal.net LLC