J-Security Center

Title: Microsoft Internet Explorer 7 Popup Window Address Bar Spoofing Weakness

Severity: MODERATE

Description:

Microsoft Internet Explorer 7 is prone to a popup window address-bar-spoofing weakness.

This issue occurs because a popup window can be displayed with only a portion of the address bar initially visible to the user. By using a combination of special characters in a URI that launches a popup window, an attacker can make the popup appear to originate from a trusted site by directing primary focus to only a specific portion of the originating URI. As a result, the address bar initially displays the URI of a trusted site, while the content may display attacker-controlled data. Manually verifying the originating URI is typically enough to uncover the use of this method, yet the technique can still manipulate a user's initial perception and exploit trust.

Attackers may exploit this weakness via a malicious web page to spoof the contents and origin of a page that the victim may trust. This weakness may be useful in phishing or other attacks that rely on content spoofing.

This issue is confirmed to affect Internet Explorer 7 on Windows XP with Service Pack 2. Other platforms may also be affected.
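
The manual check of the originating URI described above can be automated before a popup target is trusted. The JavaScript below is an added example, not part of the advisory or any vendor code: it parses the URI and reports when a trusted host name appears anywhere except as the host the content is actually loaded from. `TRUSTED_HOSTS`, `auditPopupUrl`, `decodeLoose` and every sample host name are constructed for illustration; the advisory does not name the special characters involved, so the check looks at the outcome (displayed name versus real origin) rather than the trigger.

```javascript
// Constructed allow-list of hosts the user is expected to trust.
const TRUSTED_HOSTS = ["www.example-bank.test"];

// Percent-decode for comparison; keep the raw text if the encoding is malformed.
function decodeLoose(s) {
  try { return decodeURIComponent(s); } catch { return s; }
}

// Compare the origin the browser will load from with the trusted names that
// appear elsewhere in the URI text a user might read in the address bar.
// Findings are "<component>:<trusted name>" strings, in URI order.
function auditPopupUrl(raw, trusted = TRUSTED_HOSTS) {
  let url;
  try {
    url = new URL(raw);
  } catch {
    return { origin: null, findings: ["unparseable"] };
  }
  const host = url.hostname.toLowerCase();
  const findings = [];
  // The real host is itself trusted: the displayed name and the origin agree.
  if (trusted.includes(host)) return { origin: url.origin, findings };

  const parts = {
    host,                                        // e.g. trusted name used as a subdomain prefix
    userinfo: `${url.username}:${url.password}`, // text before "@"
    path: url.pathname,
    query: url.search,
    fragment: url.hash,
  };
  for (const [component, value] of Object.entries(parts)) {
    const text = decodeLoose(value).toLowerCase();
    for (const name of trusted) {
      if (text.includes(name)) findings.push(`${component}:${name}`);
    }
  }
  return { origin: url.origin, findings };
}
```

A non-empty `findings` list means the URI text mentions a trusted site that is not the page's origin, which is the mismatch a reader would otherwise have to spot by inspecting the full address.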

Affected Products:

  • Microsoft Internet Explorer 7.0
