EXPLOITS

Microsoft Outlook Express 6.0 - URI Obfuscation

Author: http-equiv
type: remote
platform: windows
port: 
date_added: 2004-05-13  
date_updated: 2013-01-15  
verified: 1  
codes:   
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 24118.txt  

source: https://www.securityfocus.com/bid/10345/info

Microsoft Outlook Express has been reported prone to a URI obfuscation vulnerability.

This issue is reported to affect version 6.0 of the affected software, other versions might also be affected.

An attacker could reportedly get a user to visit an attacker controlled site without the usual address bar feature in a web browser. This could potentially make it easier for an attacker to fool a user into trusting the site contents.

<BASE href=http://www.example1.com target=_top>
<A href="http://www.example2.com">http://www.example1.com</A>