Definition

IE v6.0 Improper URL Canonicalization Vulnerability

oval:org.mitre.oval:def:512

Internet Explorer 5.01 through 6 SP1 allows remote attackers to spoof the domain of a URL via a "%01" character before an @ sign in the user@domain portion of the URL which hides the rest of the URL including the real site in the address bar aka the "Improper URL Canonicalization Vulnerability."

Family:

windows

Status:

ACCEPTED

Platform(s):

Microsoft Windows XP

Class:

vulnerability

Reference(s):

CVE-2003-1025

Product(s):

Microsoft Internet Explorer