Odd MSIE html parsing

From: Matthew S. Hallacy (poptixat_private)
Date: Wed Jan 02 2002 - 05:36:29 PST

Next message: Kayne Ian (Softlab): "RE: Grokster and your email"

Previous message: Larry W. Cashdollar: "Re: [VulnWatch] blackshell3: multiple pwck/grpck vulnerabilities"
Next in thread: Golden_Eternity: "RE: Odd MSIE html parsing"
Reply: Golden_Eternity: "RE: Odd MSIE html parsing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I recieved an odd spam today, the links were obfuscated as follows:

<A HREF="http://www.ca1.waredet.net.co.fr^T^B^T^E^T|https.travel.bzah.com^B">

clicking on the link in MSIE shows the following in the address bar:
'http://www.ca1.waredet.net.co.fr(?????)|https.travel.bzah.com/'
while it's really going to https.travel.bzah.com (a stupid angelfire spam site,
die die die)

Comments? I'm curious as to why MSIE allows control characters in the url
like this, it didn't work in Mozilla.

				- Matthew S. Hallacy
--

Next message: Kayne Ian (Softlab): "RE: Grokster and your email"
Previous message: Larry W. Cashdollar: "Re: [VulnWatch] blackshell3: multiple pwck/grpck vulnerabilities"
Next in thread: Golden_Eternity: "RE: Odd MSIE html parsing"
Reply: Golden_Eternity: "RE: Odd MSIE html parsing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Jan 02 2002 - 09:52:13 PST