
Solution

Download Patch
Click on the following link to install IE vulnerability patch version 3.0.

Download now

Patch Source Code

Download Source Code
Click on the following link to download IE vulnerability source code version 3.0.

Download now

Test exploit

Fake Microsoft Update example
Hackers can easily use the exploit to dupe people into running harmful Trojans by mimicking Microsoft's own web site.



Fake PayPal Site
Scammers can steal users' PayPal user name and password by luring unsuspecting users into their trap.





Internet Explorer URL Spoofing Vulnerability

Release Date: 2003-12-10
Last Update: 2003-12-27

Critical: Highly critical
Impact: ID Spoofing
Where: From remote

Software: Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6


Description:
A vulnerability has been identified in Internet Explorer, which can be exploited by malicious people to display a fake URL in the address and status bars.

The vulnerability is caused by an input validation error, which can be exploited by including the "%01" and "%00" URL-encoded representations after the username and right before the "@" character in a URL.

Successful exploitation allows a malicious person to display an arbitrary FQDN (Fully Qualified Domain Name) in the address and status bars, which is different from the actual location of the page.

This can be exploited to trick users into divulging sensitive information or downloading and executing malware on their systems, because they trust the faked domain in the two bars.

Example displaying only "http://www.trusted_site.com" in the two bars when the real domain is "malicious_site.com":
http://www.trusted_site.com%01%00@malicious_site.com/malicious.html

The vulnerability has been confirmed in version 6.0, and version 5.x is also affected according to Microsoft's knowledge base article.
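
The check below is an added example, not part of the original advisory or of the IEpatch source. It flags http/https URLs whose userinfo part (the text before "@") contains control characters such as the "%01" and "%00" described above, and reports the host that would actually be contacted; the function names and the sample lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

CTRL = re.compile(r"[\x00-\x1f\x7f]")          # decoded control characters
URL_RE = re.compile(r"https?://[^\s\"'<>]+")   # crude URL extractor for text

def inspect_url(url):
    """Return {'displayed', 'real_host'} if the URL matches the spoofing
    pattern from the advisory, otherwise None."""
    try:
        parts = urlsplit(url)
        host = parts.hostname
    except ValueError:          # malformed authority, e.g. bad IPv6 literal
        return None
    if "@" not in parts.netloc:
        return None
    # Everything before the last "@" is userinfo, not the host.
    userinfo = unquote(parts.netloc.rpartition("@")[0])
    if not CTRL.search(userinfo):
        return None
    # Text up to the first control character is what the advisory says
    # appears in the address and status bars.
    shown = CTRL.split(userinfo, maxsplit=1)[0]
    return {"displayed": f"{parts.scheme}://{shown}", "real_host": host}

def scan(lines):
    """Yield (line_number, url, finding) for every suspicious URL in lines."""
    for n, line in enumerate(lines, 1):
        for url in URL_RE.findall(line):
            finding = inspect_url(url)
            if finding:
                yield n, url, finding

# Constructed sample input; the second line carries the advisory's example URL.
SAMPLE = [
    "Please verify your account at http://www.trusted_site.com/login",
    'Update: <a href="http://www.trusted_site.com%01%00@malicious_site.com/malicious.html">here</a>',
    "Plain userinfo without control characters: http://user@www.trusted_site.com/",
]

if __name__ == "__main__":
    for n, url, f in scan(SAMPLE):
        print(f"line {n}: shows {f['displayed']} but loads from {f['real_host']}")
```

The same check can be run over mail bodies or proxy logs before links reach a user; it reports only the control-character pattern this advisory describes and leaves ordinary userinfo URLs alone.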

Solution:
Click on the following link to download and install the IE URL Spoofing Vulnerability Patch.

Download now

Reported by / credits:
Originally discovered by:
Zap The Dingbat

Status bar variant reported by:
Chris Hall

Changelog:
2003-12-11: Linked to test. Added information regarding the variant, which makes it possible to spoof the URL in the status bar as well.
2003-12-14: Microsoft has issued a knowledge base article concerning the issue. This also reports that version 5.x is affected.
2003-12-14: Released IEpatch to fix URL Spoofing Vulnerability.
2003-12-20: Released revised IEpatch version 2.0. Fixed all known errors.
2003-12-27: Released final revised version 3.0, which redirects blocked pages to a local file.

Other References:
Microsoft Knowledge Base Article - 833786:
http://support.microsoft.com/?id=833786


ThreatLevel: Critical!


Possible uses of exploit

'Phishing' Scams
High-tech scam that uses spam to deceive consumers into disclosing financial and personal information.


Trojan and / or Worm loaders
Trick unsuspecting users into downloading harmful viruses by disguising them as legitimate security updates.

Users' comments

Fake Earthlink request for billing info E-mail from <account verification976@ geocites.com> sent this weekend....your patch blocked it...Thanks for fixing what Microsoft chose not to.

-Dan Leinenbach, US Attorney's Office, Virgin Islands