bitlance winter

5 exploits Active since Dec 2004
EIP-2026-119001 EXPLOITDB html WORKING POC
Opera Web Browser 7.5x - IFrame OnLoad Address Bar URL Obfuscation
EIP-2026-118816 EXPLOITDB text WORKING POC
Microsoft Internet Explorer 5.0.1 - Wildcard DNS Cross-Site Scripting
EIP-2026-118834 EXPLOITDB html WORKING POC
Microsoft Internet Explorer 6 - Pop-up Window Title Bar Spoofing
CVE-2004-2491 EXPLOITDB html WORKING POC
Opera Browser < 7.53 - URL Spoofing via Race Condition in Address Bar
A race condition in Opera web browser 7.53 Build 3850 causes Opera to fill in the address bar before the page has been loaded, which allows remote attackers to spoof the URL in the address bar via the window.open and location.replace HTML parameters, which facilitates phishing attacks.
CVE-2005-4809 EXPLOITDB text WORKING POC
Mozilla Firefox 1.0.1 - URL Spoofing via Nested A and TABLE Tags
Mozilla Firefox 1.0.1 and possibly other versions, including Mozilla and Thunderbird, allows remote attackers to spoof the URL in the Status Bar via an A HREF tag that contains a TABLE tag that contains another A tag.