VULHUB ™

Internet Explorer 5.0 under Windows 95 (guess other versions are affected) with its default security settings allows frame spoofing. The problem is setting the location of a frame to an arbitrary URL without updating the address bar. This vulnerability allows misleading the user he is browsing a trusted site, while in fact he may be browsing a hostile site which might be stealing information. Exploit code included. Demonstration here.

Internet Explorer 5.0 under Windows 95 (guess other versions are affected) with its default security settings allows frame spoofing. The problem is setting the location of a frame to an arbitrary URL without updating the address bar. This vulnerability allows misleading the user he is browsing a trusted site, while in fact he may be browsing a hostile site which might be stealing information. Exploit code included. Demonstration here.