This webpage points users to also check the status bar when mousing over 
the link.  In mozilla 1.5 the status bar just says www.microsoft.com 
followed by an icon indicating a character that cannot be displayed.

However, this warning is stupid, because in javascript you can set the 
status bar to say anything you like when a link is moused over.

rowan

Kevin Brown wrote:

>> Mozilla 1.5 is vulnerable. The url reads:
>>
>> http://www.microsoft.com%01%00@secunia
>>
>> com/internet_explorer_address_bar_spoofing_test/
>
>
> Uhh.... If it is showing the whole URL and not just www.microsoft.com 
> then you are NOT vulnerable.
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change  you mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>