IE bug

Mozilla bug several days ago. IE might envy Mozilla, so it revealed new bug. -_-; A ve~~~~ry easy to exploit bug which goes well with IE’s endless bug tale.

You can test the code at http://freehost07.websamba.com/greyhats/similarmethodnameredir.htm

See full story at http://seclists.org/lists/bugtraq/2004/Jul/0124.html

Spend a few minutes to figure out what is really going on here; new window called assign, and the assign method is parent window’s. So, parent window hijacked cookie of new window.

Easy to follow, and useful for zero-day attack. :(

Similar Posts:

Post a Comment

Your email is never published nor shared.