TITLE:
Internet Explorer Window Loading Race Condition Address Bar Spoofing

SECUNIA ADVISORY ID:
SA19521

VERIFY ADVISORY:
http://secunia.com/advisories/19521/

CRITICAL:
Less critical

IMPACT:
Spoofing

WHERE:
>From remote

SOFTWARE:
Microsoft Internet Explorer 6.x
http://secunia.com/product/11/

DESCRIPTION:
Hai Nam Luke has discovered a vulnerability in Internet Explorer,
which can be exploited by malicious people to conduct phishing
attacks.

The vulnerability is caused due to a race condition in the loading of
web content and Macromedia Flash Format files (".swf") in browser
windows. This can be exploited to spoof the address bar in a browser
window showing a Flash file from a malicious web site.

NOTE: The impact of exploitation is reduced because the URL of the
malicious Flash file is visible in the title of the browser window.

The vulnerability has been confirmed on a fully patched system with
Internet Explorer 6.0 and Microsoft Windows XP SP1/SP2. Other
versions may also be affected.

SOLUTION:
Disable Active Scripting support.

PROVIDED AND/OR DISCOVERED BY:
Hai Nam Luke

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------