| Definition Id: oval:org.mitre.oval:def:526 |
Version: 4
Last Modified: 2007-01-13
|
| Title: |
IE v6.0,SP1 (Server 2003) Improper URL Canonicalization Vulnerability |
| Description: |
Internet Explorer 5.01 through 6 SP1 allows remote attackers to spoof the domain of a URL via a "%01" character before an @ sign in the user@domain portion of the URL, which hides the rest of the URL, including the real site, in the address bar, aka the "Improper URL Canonicalization Vulnerability." |
| Family: |
windows |
Class: |
vulnerability |
| Status: |
ACCEPTED |
Reference(s): |
CVE-2003-1025
|
| Platform(s): |
Microsoft Windows Server 2003 |
Product(s): |
Microsoft Internet Explorer |
| Definition Synopsis: |
|
|
