Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Vulnerability In Ie7

  • Please log in to reply
No replies to this topic

#1 fozzie


    aut viam inveniam aut faciam

  • Members
  • 3,516 posts
  • Gender:Male
  • Location:Ossendrecht/The Netherlands
  • Local time:12:29 PM

Posted 01 March 2007 - 08:35 AM

A spoofing vulnerability in Internet Explorer (IE) 7 discovered by Secunia Research was disclosed this week. The vulnerability is due to an error in IE7's handling of "onunload" events. It can be exploited by a malicious website to spoof the address bar if, for example, the user types a new address manually into the address bar, which is considered best practice.

Spoofing attacks can be used for phishing activities, as well as installation vectors for malware and spyware.

The vulnerability is currently unpatched. Secunia recommends that IE users close browsers after visiting untrusted web sites.

For more information, refer to: http://secunia.com/secunia_research/2007-1/advisory/

Source : Secunia

BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users