On 3/15/07, avivra <[EMAIL PROTECTED]> wrote:
> Hi Robert,
>
> Protected Mode and UAC are different security features.
> But even though, it is possible to access local resource ("res://") links
> with Protected Mode and UAC features enabled. You can test it yourself here:
> http://www.raffon.net/r
om: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Matthew Murphy
Sent: Thursday, March 15, 2007 11:46 PM
To: avivra
Cc: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Phishing using IE7 local resource
vulnerability
On 3/15/07, avivra <[EMAIL PROTECTED]> wrote:
Hi Robert,
Protected Mode and UAC are different security features.
But even though, it is possible to access local resource ("res://") links
with Protected Mode and UAC features enabled. You can test it yourself here:
http://www.raffon.net/research/ms/ie/navcancl/cnn.html or watch the demo
video
quite cool, good work
On 3/14/07, avivra <[EMAIL PROTECTED]> wrote:
> Summary
> Internet Explorer 7.0 is vulnerable to cross-site scripting in one of its
> local resources. In combination with a design flaw in this specific local
> resource it is possible for an attacker to easily conduct phishing
Summary
Internet Explorer 7.0 is vulnerable to cross-site scripting in one of its
local resources. In combination with a design flaw in this specific local
resource it is possible for an attacker to easily conduct phishing attacks
against IE7 users.
Affected versions
. Windows Vista - Internet Exp