URL2DWORD by: illwill
October 15,2001


Zone Spoofing Vulnerability

http://www.securiteam.com/windowsntfocus/6S00D0U2US.html

Vulnerable systems:
Microsoft Internet Explorer 4.x
Microsoft Internet Explorer 5.x

EXPLOIT:
Microsoft Internet Explorer security is dependant on different 'security zones'. These zones (Local Intranet zone and Internet zone) can have different security settings in regards to scripting and ActiveX execution. A lot of individuals and companies (including Microsoft) are depending on these zones to allow custom written ActiveX controls (unsigned and unsafe for scripting) to run on their internal intranet or network. A flaw has been discovered in Internet Explorer that can bypass these zones and 'fool' the browser into believing an Internet site resides in the local intranet zone. This has as result that malicious website owners could potentially operate (and execute malicious code) in the users local intranet zone by luring surfers to their site with specially crafted URL's.
In order for this Flaw to be dangerous, the user would have to have lower security settings in the intranet zone then in the Internet zone.


illwill@inflict.org
Http://www.inflict.org