Return to CVE list

CVE-2008-4787

5.8
Medium

CVE-2008-4787

cve@mitre.org
Modified
View on MITREFind on GitHub

Description

Visual truncation vulnerability in Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar via a URL with a hostname containing many   (Non-Blocking Space character) sequences, which are rendered as whitespace, aka MSRC ticket MSRC7899, a related issue to CVE-2003-1025.

Exploits

325392008-10-27webappsPHP

Microsoft Internet Explorer 6 - ' ' Address Bar URI Spoofing

By Amit Klein

References

cve@mitre.org
http://www.securityfocus.com/archive/1/497825/100/0/threaded
cve@mitre.org
http://www.securityfocus.com/archive/1/497827/100/0/threaded
cve@mitre.org
http://www.securityfocus.com/bid/31960
cve@mitre.org
https://exchange.xforce.ibmcloud.com/vulnerabilities/46234
af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/497825/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/497827/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/31960
af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/46234