More IE Vulnerabilities

KingFishKingFish
edited November 2004 in Science & Tech
Once again, the specter of critical vulnerabilities in the world's most dominant Web browser have risen. A trio of vulnerabilities have been reported in recent days, further exposing Microsoft Internet Explorer (IE) users to the risk of potential attack from malicious users.
Late Tuesday, German Security Researcher Benjamin Tobias Franz reported a URL spoofing bug with iframes in IE. When exploited, the bug permits a faked target address to be shown in the status bar window. "Successful exploitation allows a malicious Web site to obfuscate URLs in the status bar, even when JavaScript support has been disabled," according to a note on the BugTraq site. Security researcher Gilbert Verdian reported the same bug in Apple's Safari Web browser running on OS X. A Microsoft spokesperson told internetnews.com that the company had not been made aware of any active exploits of the reported vulnerabilities or customer impact at this time, but that it is aggressively investigating the public reports.
Source: Internet News
Sign In or Register to comment.