Site Network: Beskerming.com | Skiifwrald.com | Jongsma & Jongsma

Security for All

Sûnnet Beskerming is a company with a focus and a drive to provide Information Security services for all those who want to stay safe and secure in an online world.

Username: | Password: Contact us to request an account

Internet Explorer - Remote hacker automatic data theft

Version: 6.x and prior.
Technical Details:

It is possible to spoof the address in the IE 6 address bar, including the spoofing of https addresses. This is achieved through malicious scripting. Full exploit data is readily available.

Description:

It has been discovered that it is possible to spoof the address bar data in Internet Explorer 6 (for all versions of IE 6). This could allow a remote attacker to overwrite the actual site address with any information that they choose, effectively misleading the user into believing that they are on the legitimate site, when they are on the attacker's choice of site. Full exploit details are readily available.

Mitigation:

Consider disabling Active Scripting support and consider the use of an alternative Internet browser until Microsoft are able to release a patch for the issue.

Updates:

Not Yet Available

Source:

http://lcamtuf.coredump.cx/ietrap2/

Exploits:

http://lcamtuf.coredump.cx/ietrap2/

External Tracking Data:

Not Yet Identified


Social bookmark this page