Major Phishing Hole Found In IE and OE

 
 
Jay Calvert
      02-17-2005
A serious vulnerability has been found in Microsoft's IE and Outlook
Express products that spoof the destination URL in the Status bar.


http://habaneronetworks.com/viewArticle.php?ID=140

--
Jay Calvert
Habaneronetworks.com
 
Vanguard
      02-17-2005
"Jay Calvert" <(E-Mail Removed)> wrote in message
news:cv2f83$thr$(E-Mail Removed)...
>A serious vulnerability has been found in Microsoft's IE and Outlook
>Express products that spoof the destination URL in the Status bar.
>
>
> http://habaneronetworks.com/viewArticle.php?ID=140



So what is it that Firefox doesn't support? Inline style sheets within
an attribute (the "<u style=...>text</u>" lines)? The "cursor: pointer"
attribute within the style sheet? Or using labels within control (the
"id=..." attribute within the <A> tag for the link for
spreadfirefox.com), or the <label> tag within which the inline style got
used that had the pointer attribute for the cursor?

I'm no HTML guru but I have to wonder why there is a need for a pointer
attribute for the cursor within a style sheet (CSS2 spec, cursor property,
http://www.w3.org/TR/1998/REC-CSS2-1...#cursor-props).
Maybe Firefox doesn't support CSS2 (since I didn't see the cursor
property in the CSS1 spec at http://www.w3.org/TR/REC-CSS1-961217.html).
Supposedly Firefox supports CSS (see
http://www.w3.org/Style/CSS/#browsers) but maybe it only supports CSS1.
I know that Firefox supports some CSS because some of its config files
are .css files. According to the description on
http://www.mozilla.org/docs/web-developer/, Firefox probably only partly
supports CSS2. So if Firefox ever gets finished and then fully supports
CSS2 then it, too, might be just as susceptible.

One of the ****ers with cascading style sheets is they can also be used
to present pseudo-popups as either roll-down or popup windows within the
web page. Since this is content within the same web page, popup
blockers won't work on them. If you block or disable CSS then stuff
like roll-down menus won't work, so some forums won't work (since they
use an onhover event or onclick event to show the roll-down CSS menu).

By the way, while searching around Mozilla.org for its support of the
cursor property in an inline style sheet for CSS2, I found
http://www.mozilla.org/xpfe/xulref/grippy.html. So Firefox might
actually support CSS2's cursor property but deliberately obviate the
example obfuscation code noted in the Habanero article. However, if
Firefox supports "grippies" then clicking on one could also put you on a
different site that simply recreated the same web content (i.e., the
page looks alike) but be very different underneath as to what it does.
Any clickable object could be moving you somewhere else, not just the
example here of clicking on a clickable text string.

Still, it looks like a defect in IE that it shows the label of the
control in the status bar instead of the control's actual destination.
This really isn't something new. It's been a couple years that I've
noticed when hovering over a link that sometimes what you see instead of
the URL is some "info" text.

--
__________________________________________________ __________
Post your replies to the newsgroup. Share with others.
E-mail reply: Remove "NIXTHIS" and add "#VS811" to Subject.
__________________________________________________ __________
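
A defensive check for the markup shape discussed in the post above, as an added example that is not part of the thread or the linked article: it assumes the pattern is a `<label for=...>` bound to the `id` of an `<a>` element, and flags cases where that link's host differs from the link the label sits in. The function names and the sample HTML (with `.example` hosts) are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

class LabelLinkAudit(HTMLParser):
    """Collects <a id=...> targets and every <label for=...> with its enclosing link."""
    def __init__(self):
        super().__init__()
        self.anchor_by_id = {}   # id -> href of an <a> carrying that id
        self.open_hrefs = []     # hrefs of the <a> elements currently open
        self.labels = []         # (for-id, href of enclosing <a> or None)

    def handle_starttag(self, tag, attrs):
        attr = dict(attrs)
        if tag == "a":
            self.open_hrefs.append(attr.get("href"))
            if attr.get("id"):
                self.anchor_by_id[attr["id"]] = attr.get("href")
        elif tag == "label" and attr.get("for"):
            shown = next((h for h in reversed(self.open_hrefs) if h), None)
            self.labels.append((attr["for"], shown))

    def handle_endtag(self, tag):
        if tag == "a" and self.open_hrefs:
            self.open_hrefs.pop()

def host(url):
    return (urlsplit(url or "").hostname or "").lower()

def find_label_redirects(html):
    """Return (label_for, enclosing_href, bound_href) for each label bound to a link
    whose host differs from the enclosing link (enclosing_href is None if there is none)."""
    parser = LabelLinkAudit()
    parser.feed(html)
    parser.close()
    hits = []
    for target_id, shown in parser.labels:
        actual = parser.anchor_by_id.get(target_id)  # labels bound to form controls resolve to None
        if actual and host(actual) != host(shown):
            hits.append((target_id, shown, actual))
    return hits

# Constructed sample: one label bound to a link on another host, one ordinary form label.
SAMPLE = """
<a id="dest" href="http://other.example/landing"></a>
<a href="http://shop.example/"><label for="dest"><u style="cursor: pointer">http://shop.example/</u></label></a>
<form><label for="q">Search</label><input id="q" name="q"></form>
"""

if __name__ == "__main__":
    print(find_label_redirects(SAMPLE))
```

A mail gateway or HTML sanitizer could run a check like this on inbound markup; a label bound to anything other than a form control is unusual enough to be worth stripping or logging on its own.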

 
Tony Raven
      02-17-2005
Jay Calvert wrote:
> A serious vulnerability has been found in Microsoft's IE and Outlook
> Express products that spoof the destination URL in the Status bar.
>
>
> http://habaneronetworks.com/viewArticle.php?ID=140
>


I use Spoofstick even on Firefox to know what site I'm really on.

Tony

 
Vanguard
      02-17-2005
"Tony Raven" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Jay Calvert wrote:
>> A serious vulnerability has been found in Microsoft's IE and Outlook
>> Express products that spoof the destination URL in the Status bar.
>>
>>
>> http://habaneronetworks.com/viewArticle.php?ID=140
>>

>
> I use Spoofstick even on Firefox to know what site I'm really on.



FraudEliminator or Trustwatch toolbars might be better in that they also
show you the real destination URL but also employ blacklists and
heuristics to detect a phish site. I just started looking at these and
don't know which one is better, FraudEliminator or Trustwatch. I tested
FraudEliminator and its defect is that it shows lots of features, like
popup blocking, search, and other fluff features that I don't want but
the toolbar is fixed. They sent an e-mail that a new version is out
where the user can configure their toolbar to enable and show only those
features the user wants to use. Otherwise, FraudEliminator occupied a
whole row for its toolbar.

--
__________________________________________________ __________
Post your replies to the newsgroup. Share with others.
E-mail reply: Remove "NIXTHIS" and add "#VS811" to Subject.
__________________________________________________ __________

 
Michael J. Pelletier
      02-18-2005
Jay Calvert wrote:

> A serious vulnerability has been found in Microsoft's IE and Outlook
> Express products that spoof the destination URL in the Status bar.
>
>
> http://habaneronetworks.com/viewArticle.php?ID=140
>
> --
> Jay Calvert
> Habaneronetworks.com



Thanks for the info...I really like the "spreadfirefox" idea, that was
cool...

Michael
 
Michael J. Pelletier
      02-18-2005
Jay Calvert wrote:

> A serious vulnerability has been found in Microsoft's IE and Outlook
> Express products that spoof the destination URL in the Status bar.
>
>
> http://habaneronetworks.com/viewArticle.php?ID=140
>
> --
> Jay Calvert
> Habaneronetworks.com



KDE will not open the window unless you select "Open in another window" or
"Open in another tab". Then you go to ebay...So it seems KDE is not
vulnerable...

Michael
 
Jay Calvert
      02-18-2005
Michael J. Pelletier wrote:
> Jay Calvert wrote:
>
>
>>A serious vulnerability has been found in Microsoft's IE and Outlook
>>Express products that spoof the destination URL in the Status bar.
>>
>>
>>http://habaneronetworks.com/viewArticle.php?ID=140
>>
>>--
>>Jay Calvert
>>Habaneronetworks.com

>
>
>
> Thanks for the info...I really like the "spreadfirefox" idea, that was
> cool...
>
> Michael

Thanks, I thought it might help spread the word even further. I should
have placed my spreadfirefox.com registration id in the link.

Jay Calvert
HabaneroNetworks.com
 