This webpage points users to also check the status bar when mousing over
the link. In mozilla 1.5 the status bar just says
www.microsoft.com
followed by an icon indicating a character that cannot be displayed.
However, this warning is stupid, because in javascript you can set the
status bar to say anything you like when a link is moused over.
rowan
Kevin Brown wrote:
>> Mozilla 1.5 is vulnerable. The url reads:
>>
>> http://www.microsoft.com%01%00@secunia
>>
>> com/internet_explorer_address_bar_spoofing_test/
>
>
> Uhh.... If it is showing the whole URL and not just www.microsoft.com
> then you are NOT vulnerable.
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change you mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
(text/plain)