Improper URL Canonicalization Vulnerability in Internet Explorer 5.01 through 6 SP1

Improper URL Canonicalization Vulnerability in Internet Explorer 5.01 through 6 SP1

CVE-2003-1025 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Internet Explorer 5.01 through 6 SP1 allows remote attackers to spoof the domain of a URL via a "%01" character before an @ sign in the user@domain portion of the URL, which hides the rest of the URL, including the real site, in the address bar, aka the "Improper URL Canonicalization Vulnerability."

Learn more about our User Device Pen Test.