Re: [Full-Disclosure] IE 0x01 Byte URL Spoofing Vulnerability[Scriptless PoC Exploit & Additional Details]

Piotr Bulczak Sat, 13 Dec 2003 09:28:38 -0800

> 2. SCRIPTING is NOT NECESSARY to exploit this vulnerability.
> A hex editor can be used to embed the 0x01 byte. See the attached
exploit.


Why hex editor? Just put &#001; code instead.

cheers,
Piotr


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Re: [Full-Disclosure] IE 0x01 Byte URL Spoofing Vulnerability[Scriptless PoC Exploit & Additional Details]

Reply via email to