Exploit Mozilla Browser 1.6/1.7 - URI Obfuscation

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
24196
Проверка EDB
  1. Пройдено
Автор
HTTP-EQUIV
Тип уязвимости
REMOTE
Платформа
WINDOWS
CVE
N/A
Дата публикации
2004-06-14
Код:
source: https://www.securityfocus.com/bid/10532/info

A weakness is reported in Mozilla that may allow an attacker to obfuscate the URI of a link. This could facilitate the impersonation of legitimate web sites in order to steal sensitive information from unsuspecting users. 

It is reported that the weakness exists when form method GET action URI's that are appended with the %2F encoded character, several space characters and an appended '.' URI are followed.

Mozilla 1.6 and 1.7rc3 for Windows and Firefox 0.8 and 0.9rc for Windows are reportedly affected by this issue.

http://[trusted_site]%2F%20%20%20.[malicious_site]/
 
Источник
www.exploit-db.com

Похожие темы