Internet Explorer 7 Popup Address Bar Spoofing Test - Secunia

Software Inspectors

	Scan Online

	Personal (PSI)

	Network (NSI 2.0) - NEW -

Solutions For

	Security Professionals

	Security Vendors

Free Solutions For

	Open Communities

	Journalists & Media

Secunia Advisories

	Search

	Historic Advisories

	Listed By Product

	Listed By Vendor

	Statistics / Graphs

	Secunia Research

	Report Vulnerability

	About Advisories

Virus Information

	Chronological List

	Last 10 Virus Alerts

	About Virus Information

Secunia Customers

	Customer Area

Internet Explorer 7 Popup Address Bar Spoofing Test

Introduction A weakness has been discovered in Internet Explorer, which can be exploited by malicious people to conduct phishing attacks. Please use the test below to see an example of how this vulnerability can be exploited, and also to determine whether or not your browser is vulnerable. Test Case / Demonstration The test will try to open a popup with a spoofed address bar of "http://www.microsoft.com/". Start the test: Test Now - Left Click On This Link Result You are vulnerable, if a new popup-window is opened and content from Secunia is displayed while the address bar still says "http://www.microsoft.com/". You are not vulnerable to this particular exploit, if you do not experience the above behaviour. What should you do? Please view the Secunia advisory below for information about how you can fix or mitigate the impact of this weakness. Secunia will continuously update the Secunia advisory when more information becomes available. - SA22542 Internet Explorer 7 Popup Address Bar Spoofing Weakness Be alerted when a patch is released Companies have the option of requesting a Secunia account for immediate notification when a patch is released by Microsoft. Request Secunia Account Staying Informed In order to protect yourself, it is a very good idea to stay informed about the latest threats from vulnerabilities in the software you are using. Secunia offers a free weekly newsletter, which covers the latest threats from vulnerabilities. To sign-up for the Secunia Weekly Summary, please enter your email address in the field below and submit the form: Email Address:

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Yahoo! Assistant yNotifier.dll ActiveX Control Code Execution

2.	Cyberfolio "rep" File Inclusion Vulnerability

3.	OpenKM Document Export Security Issue

4.	Zarafa Script Insertion Vulnerabilities

5.	Slackware update for thunderbird

6.	TFTP Server SP Long Error Message Buffer Overflow

7.	SazCart Multiple File Inclusion Vulnerabilities

8.	Maian Search Cross-Site Scripting and SQL Injection Vulnerabilities

9.	InfoBiz Server "keywords" Cross-Site Scripting Vulnerability

10.	Slackware update for php

Vulnerability Management - Terms & Conditions - Copyright 2002-2008 Secunia - Compliance - Contact Secunia