>>Yep, this is a straight copy of my example posted here: >>http://www.doxdesk.com/personal/posts/bugtraq/20030713-ie >>I have seen a few other phish in the wild using this exploit too.
So have I. Not to diminish the importance of the attack, but this assumes the default placement of Address Bar if I'm not mistaken, so if the user changes their toolbar layout the popup will give itself away, correct? Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blog.ziffdavis.com/seltzer [EMAIL PROTECTED] _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
