IE can be fooled into thinking a web page is in any domain by encoding some characters in the URL and placing the domain you want to spoof at the end of the URL. For example the URL
is in the pecefire.org domain but because "/" and "?" are replaced by "%2f" and "%3f" IE will think the URL is in the amazon.com domain.
You can find more information at http://www.peacefire.org/security/iecookies/ Although the web page only mentions cookies it may be possible to exploit the problem in other ways as the security setting for domains may be different. For example the users may allow the execution of unsigned ActiveX controls from its company domain.
-- Elias Levy SecurityFocus.com http://www.securityfocus.com/ Si vis pacem, para bellum