Gatzet.com

Gadget, Free Software, Reviews

Another Internet Explorer 7 Vulnerability

March 15th, 2007 · 5 Comments

IE7 vulnerability

This is another vulnerability issue of Internet Explorer 7. Even though this version is more secure than version 6, in connection with a constructional defect in this specific local help it is possible so that an attacker conducts phishing attacks against IE7 user easily.

According to Aviv Raff On this bug affecting Internet Explorer 7.0 for Windows Vista and Windows XP.

In order to achieve a phishing attack, an attacker one can in particular manufacture a crafted link that makes local assistance of navcancl.htm that connection with an index contained falsified of the reliable place of as indicated in the link (for example banks, paypal, MySpace).

If the victim opens the falsified link, which was sent by the attacker, a error page is indicated. The victim thinks that there was connection error and a disturbance instead of the falsified error and tend to refresh the pages. As soon as it refreshed, the error page provided by the attackers will displayed as if the original page and the user will expect that the contents is from the original site because the URL address indicated the reliable places which he intend. Then all submitted user data from that page, obviously could be abused by the attacker.

error page ie

Suggestion : until Microsoft fixes this vulnerability, do not trust the “Navigation Canceled” page!

Image URL: www.windows-vista-update.com


Related posts:

  1. Use Scribus Instead Of PageMaker

5 comments for this entry ↓

  • 1 mrlonely // Mar 15, 2007 at 11:40 pm

    pindah aja pake Firefox……..ya ga

  • 2 admin // Mar 16, 2007 at 1:50 pm

    Betul mrlonely… so far firefox is the best browser for windows platform. Opera is second… that’s my opinion :)

  • 3 IndoDX // Mar 18, 2007 at 1:32 pm

    for community support, firefox is good. for speed, opera is nice.

  • 4 ngadutrafik 2007 // Apr 19, 2007 at 11:47 am

    Memang IE kurang acceptable buat browsing web-web anyar. Saat didesain dengan Firefox tampil baik, tapi saat dilihat dengan IE desainnya jadi berantakan. Ngomong-ngomong sedang ada kontes ngadutrafik 2007 ya?

  • 5 Changing Blog Themes | zetrys.info // Feb 16, 2008 at 8:45 am

    [...] the themes for my review blog is ready, it looks great on Firefox, Opera and Safari, but the Internet Explorer 7 doesn’t display it correctly. I need to work on [...]

Leave a Comment