V
Virus Guy
Hai Nam Luke has discovered a vulnerability in Internet Explorer,
which can be exploited by malicious people to conduct phishing
attacks. Use the test below to see an example of how this
vulnerability can be exploited, and also to determine whether or not
your browser is vulnerable.
Test Case / Demonstration
The test will try to open Google.com in a new window after a few
seconds it will display content controlled by Secunia (or the
attacker/phisher).
Start the test:
http://secunia.com/Internet_Explorer_Address_Bar_Spoofing_Vulnerability_Test/
Test Now - Left Click On This Link [javascript:StartTest();]
You are vulnerable, if a new window is opened and content from Secunia
is displayed while the address bar still says
"http://www.google.com/".
You are not vulnerable to this particular exploit, if you do not
experience the above behaviour.
Credits
The test is based on Proof of Concept code by Hai Nam Luke.
which can be exploited by malicious people to conduct phishing
attacks. Use the test below to see an example of how this
vulnerability can be exploited, and also to determine whether or not
your browser is vulnerable.
Test Case / Demonstration
The test will try to open Google.com in a new window after a few
seconds it will display content controlled by Secunia (or the
attacker/phisher).
Start the test:
http://secunia.com/Internet_Explorer_Address_Bar_Spoofing_Vulnerability_Test/
Test Now - Left Click On This Link [javascript:StartTest();]
You are vulnerable, if a new window is opened and content from Secunia
is displayed while the address bar still says
"http://www.google.com/".
You are not vulnerable to this particular exploit, if you do not
experience the above behaviour.
Credits
The test is based on Proof of Concept code by Hai Nam Luke.