|
Home Forum Radio Memberlist Help Search Quick Links | |
| Forum Index » Internet » Security Alerts and vulnerabilities » Microsoft Outlook Web Access |
| Security Alerts and vulnerabilities Lets keep abreast on the latest threats by posting those findings here.. |
 |
 |
|
Thread Tools | Display Modes |  |
|
#1
02-08-2005, 11:18 AM
|
||||
|
||||
|
Donnie Werner has reported a weakness in Microsoft Outlook Web Access (OWA), which potentially can be exploited by malicious people to conduct phishing attacks.
The weakness is caused due to a design error in the way OWA uses an unverified user supplied argument to redirect a user after successful authentication. This can e.g. be exploited by tricking a user into following a link from a HTML document to the trusted login page with a malicious "url" parameter. After successful authentication, the user will be redirected to the untrusted (fake) site. Solution: Do not follow links from untrusted sites or emails. 
|
 Posted |
|
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| hijack log | der | Spyware / Virus Removal | 46 | 10-04-2005 06:49 AM |
| Tauscan Updates | LJM Master | Software Update Alerts | 14 | 07-01-2005 01:38 PM |
| Trojandownloader And Unremovable Files- Woes Me | ibrbrt | Spyware / Virus Removal | 9 | 06-18-2005 11:28 AM |
| eliteuvf32.exe?? AdWare? | Alex | Spyware / Virus Removal | 31 | 05-17-2005 08:50 PM |
| Microsoft December security update | Mobo | News & Announcements | 0 | 12-18-2004 07:30 AM |
|
||
|
|
|
It appears you have not yet registered with our community
which limits what you can do & see. It's Free To register, please click here.
Linear Mode
