CVE-2008-4787

Microsoft Internet Explorer 6 - Info Disclosure

Title source: llm

Description

Visual truncation vulnerability in Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar via a URL with a hostname containing many   (Non-Blocking Space character) sequences, which are rendered as whitespace, aka MSRC ticket MSRC7899, a related issue to CVE-2003-1025.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Amit Klein · htmlwebappsphp

https://www.exploit-db.com/exploits/32539

View Code ZIP pw:eip

References (4)

[Exploit] http://www.securityfocus.com/bid/31960

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/497825/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/497827/100/0/threaded

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/46234

Scores

EPSS 0.3740

EPSS Percentile 97.2%

Details

Status published

Products (1)

microsoft/internet_explorer 6

Published Oct 29, 2008

Tracked Since Feb 18, 2026