Microsoft IE Spoofed URL

2003-06-01T00:00:00
ID OSVDB:3055
Type osvdb
Reporter OSVDB
Modified 2003-06-01T00:00:00

Description

Vulnerability Description

Microsoft Internet Explorer could allow a remote attacker to spoof a Web site by altering the URL that is displayed in the IE address bar. If an attacker created a malicious HTML document, they could trick IE into displaying web content from one (untrusted) site while the address bar showed the URL of a different (trusted) site.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

Microsoft Internet Explorer could allow a remote attacker to spoof a Web site by altering the URL that is displayed in the IE address bar. If an attacker created a malicious HTML document, they could trick IE into displaying web content from one (untrusted) site while the address bar showed the URL of a different (trusted) site.

References:

Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2003-05/0352.html ISS X-Force ID: 12137 Bugtraq ID: 7763