SecurityTeam US - Microsoft Internet Explorer Dialog Origin Spoofing Vulnerability


	Contribute : Advanced Search : Web Resources : Polls : File Repository

Poll
What would you like to see on SecurityTeamUS? More News Product Reviews HowTo's Custom RPM/Packages/Tools Other (Please leave comment) Results 96 votes \| 0 comments

Topics
Home Apache Apple Application Software Cisco Systems Database Servers Internet Explorer Linux Macromedia Microsoft Mozilla/Firefox Phishing/ID Theft Real Networks Security News Sun Microsystems Web Appliances/Devices Web Scripts Wi-Fi

Virus Alerts
17 Apr 2011 Troj/Mdrop-DKE 17 Apr 2011 Troj/Sasfis-O 17 Apr 2011 Troj/Keygen-FU 17 Apr 2011 Troj/Zbot-AOY 17 Apr 2011 Troj/Zbot-AOW 17 Apr 2011 W32/Womble-E 17 Apr 2011 Troj/VB-FGD 17 Apr 2011 Troj/FakeAV-DFF 17 Apr 2011 Troj/SWFLdr-W 17 Apr 2011 W32/RorpiaMem-A

Events
There are no upcoming events

Welcome to SecurityTeam US
Monday, February 06 2012 @ 12:19 PM EST

Microsoft Internet Explorer Dialog Origin Spoofing Vulnerability

Tuesday, June 21 2005 @ 08:00 AM EDT

Secunia Research has discovered a vulnerability in Internet Explorer, which can be exploited by malicious web sites to spoof dialog boxes.

The problem is that JavaScript dialog boxes do not display or include their origin, which allows a new window to open e.g. a prompt dialog box, which appears to be from a trusted site.

Successful exploitation normally requires that a user is tricked into opening a link from a malicious web site to a trusted web site.

Secunia has constructed a test, which can be used to check if your browser is affected by this issue:
http://secunia.com/multiple_browsers_dialog_origin_vulnerability_test/

The vulnerability has been confirmed in a fully updated version 6.0. Prior versions may also be affected.

SOFTWARE:
Microsoft Internet Explorer 6.x

SOLUTION:
Do not browse untrusted web sites while browsing trusted sites.

PROVIDED AND/OR DISCOVERED BY:
Jakob Balle, Secunia Research

ORIGINAL ADVISORY:
http://secunia.com/secunia_research/2005-9/

VERIFY ADVISORY:
http://secunia.com/advisories/15491/

Secunia Security Advisories

What's Related
http://secunia.com/mult... http://secunia.com/secu... http://secunia.com/advi... More from Microsoft

Story Options
Mail Story to a Friend Printable Story Format

Microsoft Internet Explorer Dialog Origin Spoofing Vulnerability | 0 comments | Create New Account

The following comments are owned by whomever posted them. This site is not responsible for what they say.

Dedicated Servers
Created this page in 0.15 seconds