Security-Alerts mailing list archive (security-alerts@yandex-team.ru)


[security-alerts] FW: [SA17565] Internet Explorer Image Control Status Bar Spoofing Weakness



> 
> 
> TITLE:
> Internet Explorer Image Control Status Bar Spoofing Weakness
> 
> SECUNIA ADVISORY ID:
> SA17565
> 
> VERIFY ADVISORY:
> http://secunia.com/advisories/17565/
> 
> CRITICAL:
> Not critical
> 
> IMPACT:
> Security Bypass
> 
> WHERE:
> From remote
> 
> SOFTWARE:
> Microsoft Internet Explorer 6.x
> http://secunia.com/product/11/
> 
> DESCRIPTION:
> Claudio "Sverx" has discovered a weakness in Internet Explorer, which
> can be exploited by malicious people to trick users into visiting a
> malicious website by obfuscating URLs displayed in the status bar.
> 
> The problem is that the browser fails to show the correct URL in the
> status bar if an image control has been enclosed in a hyperlink and
> uses a form to specify the destination URL. This may cause a user to
> follow a link to a seemingly trusted website when in fact the browser
> opens a malicious website.
> 
> This weakness is a variant of:
> SA13156
> 
> Example:
> <form action="[malicious site]">
> <a href="[trusted site]"><input type="image" src="[image]"></a>
> </form>
> 
> The weakness has been confirmed on a fully patched system with
> Internet Explorer 6.0 and Microsoft Windows XP SP2.
> 
> SOLUTION:
> Do not follow links from untrusted sources.
> 
> PROVIDED AND/OR DISCOVERED BY:
> Claudio "Sverx"
> 
> OTHER REFERENCES:
> SA13156:
> http://secunia.com/advisories/13156/
> 
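A check for the markup pattern the advisory describes, as an added example that is not part of the advisory or the original post: it scans HTML (for instance in a mail or content filter) for an image control that sits inside both a hyperlink and a form whose resolved hosts differ. The function name, the sample markup and the `.example` hosts are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

class _Finder(HTMLParser):
    def __init__(self, base_url):
        super().__init__()
        self.base = base_url
        self.form_action = None  # resolved action of the open <form>, if any
        self.link_href = None    # resolved href of the open <a>, if any
        self.findings = []       # (URL the link advertises, URL the form requests)

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            # An empty or missing action submits to the page itself.
            self.form_action = urljoin(self.base, a.get("action") or "")
        elif tag == "a" and a.get("href"):
            self.link_href = urljoin(self.base, a["href"])
        elif tag == "input" and (a.get("type") or "").lower() == "image":
            # Image control enclosed in both a hyperlink and a form.
            if self.form_action and self.link_href:
                shown = urlsplit(self.link_href).hostname
                real = urlsplit(self.form_action).hostname
                if shown != real:
                    self.findings.append((self.link_href, self.form_action))

    def handle_endtag(self, tag):
        if tag == "form":
            self.form_action = None
        elif tag == "a":
            self.link_href = None

def find_status_bar_mismatches(html, base_url):
    """Return (advertised_url, submitted_url) pairs whose hosts differ."""
    finder = _Finder(base_url)
    finder.feed(html)
    finder.close()
    return finder.findings

# Constructed sample: the first form matches the advisory's pattern, the
# second submits to the same host the link names and must not be flagged.
BASE = "http://portal.example/index.html"
SAMPLE = """
<form action="http://evil.example/login">
  <a href="http://bank.example/"><input type="image" src="logo.png"></a>
</form>
<form action="/search">
  <a href="http://portal.example/help"><INPUT TYPE="IMAGE" src="go.png"></a>
</form>
"""
```

Relative URLs are resolved against `base_url` before comparison, so a same-site form with a relative `action` is not reported.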




 




Copyright © Lexa Software, 1996-2009.