Internet Explorer 7 Popup Address Bar Spoofing

Secunia released an advisory discussing IE 7’s Popup Address Bar weakness to Spoofing.


The url in the address bar of the popup can be padded with special characters to show only a portion of the complete url thereby misleading the user to be spoofed.


Secunia came up with a test page to check if your IE 7 is vulnerable. You may check out their test page here.


It is always advisable not to follow links from untrusted sources to prevent from being victimized by phishers and scammers.