Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY LINKS NEWS MAN DOCUMENTATION

<< Previous INDEX Search src / Print Next >>

Date: 3 Nov 2006 18:00:48 -0000
From: inge_eivind.henriksen@chello.no
To: bugtraq@securityfocus.com
Subject: IE7 website security certificate discrediting exploit
X-Virus-Scanned: antivirus-gw at tyumen.ru

 Inge Henriksen Security Advisory - Full Disclosure Proof of Concept at http://ingehenriksen.blogspot.com/ **

Advisory Name: IE7 website security certificate discrediting exploit 
Tested and Confirmed Vulnerable: Microsoft(R) Internet Explorer(R) 7 
Severity: Low 
Type: Spoof 
>From where: Remote 
Discovered by: Inge Henriksen (http://ingehenriksen.blogspot.com/) 
Vendor Status: Notified 
Overview: 

It is possible to create a link in Microsoft(R) Internet Explorer(R) 7 that discredits a websites security certificate. The bad design is in the ieframe.dll's embedded invalidecert.htm.

Full Disclosure Proof of Concept at http://ingehenriksen.blogspot.com/

<< Previous INDEX Search src / Print Next >>

Партнёры:

Хостинг: