[vox-tech] New phishing vulnerability

Larry Ozeran vox-tech@lists.lugod.org
Thu, 11 Dec 2003 15:47:17 -0800


At 11:25 PM 12/9/03 -0600, you wrote:
>> I use old browsers. MSIE 5.50 and Netscape 4.77 both work OK for me.
>> (i.e. http://www.microsoft.com%01@zapthedingbat.com/security/ex01/vun2.htm
>> displays on the address line for both)
>
<snip>

>On IE 5.0 on Windows, there was nothing after http://www.microsoft.com ...
and actually, if I go into the URL bar on IE and type
http://www.microsoft.com, I will see in the history, almost the same link I
see in Mozilla, except with the %01 replaced by a box (standard unprintable
character)

On IE 5.5 in Windows, I get the full address. Maybe MS fixed it in 5.5,
then for some reason unfixed in 6.0?