6 matches found
CVE-2008-4787
Visual truncation vulnerability in Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar via a URL with a hostname containing many Non-Blocking Space character sequences, which are rendered as whitespace, aka MSRC ticket MSRC7899, a related issue to CVE-2003-1025...
Design/Logic Flaw
Visual truncation vulnerability in Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar via a URL with a hostname containing many Non-Blocking Space character sequences, which are rendered as whitespace, aka MSRC ticket MSRC7899, a related issue to CVE-2003-1025...
CVE-2008-4787
Visual truncation vulnerability in Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar via a URL with a hostname containing many Non-Blocking Space character sequences, which are rendered as whitespace, aka MSRC ticket MSRC7899, a related issue to CVE-2003-1025...
CVE-2008-4787
CVE-2008-4787 describes a visual truncation/address-bar spoofing issue in Microsoft Internet Explorer 6. The vulnerability occurs when a hostname contains many characters, which render as whitespace, enabling a page to appear at a different address than its actual content. The entry cites MSRC789...
CVE-2003-1025
Internet Explorer 5.01 through 6 SP1 allows remote attackers to spoof the domain of a URL via a "%01" character before an @ sign in the user@domain portion of the URL, which hides the rest of the URL, including the real site, in the address bar, aka the "Improper URL Canonicalization Vulnerabilit...
CVE-2003-1025
CVE-2003-1025 involves Internet Explorer 5.01–6 SP1 and is caused by an improper URL canonicalization in the HTTP URL parsing, enabling remote spoofing of the address bar with a specially crafted URL (example: a %01 before an @ sign). The vulnerability could let a malicious page display a false a...