Signature Detail

HTTP: Microsoft Internet Explorer HREF Status Bar Spoofing

This signature detects attempts to exploit a known vulnerability against Microsoft IE. An attacker could exploit this vulnerability by creating a malicious Web page and hosting it on a Web site or by sending it to a victim as an HTML email. A successful attack can lead to the illegitimate advantage.

Extended Description

Microsoft Internet Explorer is reported prone to a URI obfuscation weakness. The issue is due to a failure of the affected application to properly handle specially crafted HTML anchor URI tags and various form tags. This issue may be leveraged by an attacker to display false information in the status bar of an unsuspecting user, allowing an attacker to present web pages to users that seem to originate from a trusted location. This vulnerability is reported to affect Internet Explorer 6 SP2, other versions might also be affected. This issue is similar to BID 10023.

References

• BugTraq: 11565
• CVE: CVE-2004-1104