TrendLabs Malware Blog - Trend Micro
    12:02 pm (UTC-7)   |    by

    Another URL spoofing bug affecting at least two browsers has been discovered. It was first reported as a URL spoofing vulnerability in Internet Explorer. Subsequent discussions revealed that Firefox is also vulnerable.

    To create such a bug, start off with a simple link tag: <a href=""> </a>

    Then, within that tag, include an onClick event handler, which is triggered when the link is clicked. Use the handler to run JavaScript that redirects the browser to a web page of your choice.

    As you may have noticed, the redirection is done through JavaScript. An attacker can modify the redirection script to execute custom JavaScript of the attacker's choosing. For example, it could be leveraged to perform a cross-site scripting attack.

    And since this is a spoofing bug, it could be used for phishing or for luring unsuspecting users into clicking malicious URLs.


    Disabling JavaScript support in your browsers is an effective workaround for this spoofing bug.
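
A defensive check for the pattern described above, as an added example that is not part of the original post: it scans HTML (for instance in a mail or web content filter) for links whose inline onclick handler navigates to a different host than the href shown to the user. The function name, the list of navigation sinks and the sample markup are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Inline-handler navigation sinks followed by a quoted URL literal (assumed list).
NAV_SINK = re.compile(
    r"(?:location(?:\.href)?\s*=|location\.(?:assign|replace)\s*\(|window\.open\s*\()"
    r"\s*['\"]([^'\"]+)['\"]",
    re.IGNORECASE,
)

class _LinkAuditor(HTMLParser):
    """Collects <a> tags whose onclick target host differs from the href host."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "a":
            return
        attr = dict(attrs)  # HTMLParser lowercases names, so onClick == onclick
        href = attr.get("href") or ""
        onclick = attr.get("onclick") or ""
        shown_host = urlparse(href).hostname
        for target in NAV_SINK.findall(onclick):
            actual_host = urlparse(target).hostname
            # Relative targets carry no host to compare, so they are skipped.
            if actual_host and actual_host != shown_host:
                self.findings.append((href, target))

def find_spoofed_links(html):
    """Return (displayed_href, real_target) pairs for mismatched links."""
    auditor = _LinkAuditor()
    auditor.feed(html)
    auditor.close()
    return auditor.findings

# Constructed sample markup using reserved .example domains.
SAMPLE = """
<a href="https://bank.example/login" onClick="location.href='https://other.example/login'; return false;">Sign in</a>
<a href="https://shop.example/cart" onclick="track('cart')">Cart</a>
<a href="https://news.example/" onclick="window.open('https://news.example/popup')">News</a>
"""

if __name__ == "__main__":
    for href, target in find_spoofed_links(SAMPLE):
        print(f"href shows {href} but click navigates to {target}")
```

The check only recognises URL literals passed directly to a navigation sink; handlers that build the target at run time need a JavaScript-aware analysis.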


    Click on any of the URLs below for a demonstration. View the underlying source code to see how the URL spoofing works. And yes, all links are safe.

    Redirect to, even though the URL says “”

    Pop a message box

    Tested on:

    • IE 6, Windows XP SP2
    • Firefox v1.0.7, Windows XP SP2



    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice