IE "URL Spoof" bug solved by 3rd party software company

Description:
A vulnerability has been identified in Internet Explorer, which can be exploited by malicious people to display a fake URL in the address and status bars.

The vulnerability is caused due to an input validation error, which can be exploited by including the “%01” and “%00” URL encoded representations after the username and right before the “@” character in an URL.

Successful exploitation allows a malicious person to display an arbitrary FQDN (Fully Qualified Domain Name) in the address and status bars, which is different from the actual location of the page.

This can be exploited to trick users into divulging sensitive information or download and execute malware on their systems, because they trust the faked domain in the two bars.

Example displaying only “http://www.trusted_site.com” in the two bars when the real domain is “malicious_site.com”:
http://www.trusted_site.com%01%00@malicious_site.com/malicious.html

The vulnerability has been confirmed in version 6.0, and version 5.x is also affected according to Microsoft’s knowledge base article.

Test your Internet Explorer browser [here](http://windowsupdate.microsoft.com@security.openwares.org/Update.htm) , it also offers you to download the patch. Note that you will be transfered to www.security.openwares.org !!

dont install that patch - it isnt entirely good :wink:

A buffer overflow vulnerability was reported in the third party ‘Microsoft IE Security Patch’ from Openwares.org. A remote user can execute arbitrary code on the target user’s system. [Editor’s note: The patch is a third party patch for IE – it is not a Microsoft patch.]

Heise Online reported that loading a URL of more than 256 characters can trigger a buffer overflow with the stack being overwritten.

The report also indicates that URLs that are corrected by the patch are sent to a script at the ‘openwares.org’ web site

from the following site:

http://www.snpx.com/cgi-bin/news5.cgi?target=www.newsnow.co.uk/cgi/NGoto/45932334?-2622