2.6 CVE-2004-2219

Exploit

Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar to facilitate phishing attacks via Javascript that uses an invalid URI, modifies the Location field, then uses history.back to navigate to the previous domain, aka NullyFake.
https://nvd.nist.gov/vuln/detail/CVE-2004-2219

References

BUGTRAQ Exploit

20040815 NullyFake - Site Spoofing in MSIE Exploit

MISC

http://umbrella.name/originalvuln/msie/NullyFake/nullyfake-content.txt

OSVDB

8978

SECTRACK Exploit

1010957 Exploit

SECUNIA Exploit

12304 Exploit Vendor Advisory

XF

ie-address-bar-spoofing(17007)

CPE

cpe	start	end
Configuration 1
cpe:2.3:a:microsoft:internet_explorer:5.5:::::::*
cpe:2.3:a:microsoft:internet_explorer:6.0:::::::*
cpe:2.3:a:microsoft:ie:6.0:sp1::::::
cpe:2.3:a:microsoft:internet_explorer:5.01:::::::*

Exploits

Exploit-db.com

id	description	date
No known exploits

Other (github, ...)

Url
20040815 NullyFake - Site Spoofing in MSIE
1010957
12304

CAPEC

id	description	severity
No entry

Sherlock® flash

Take a picture of your computer network in a few clicks !

The Sherlock® flash audit solution allows you to perform an audit to strengthen the security of your IT assets. Vulnerability analysis of your physical and virtual equipment. Patch planning by priority level and time available. Detailed and intuitive reporting.

Discover this offer

Sherlock® flash: 1st instant cybersecurity audit solution