Alias: Exploit-URLSpoof.gen (McAfee),
HTML.URLSpoof.A,
HTML/URLSpoof.1156.Trojan,
JS.URLSpoof
Category: HTML, Java Script
Type: Other, Trojan
Published Date: 2/18/2004
Last Modified: 2/18/2004
CHARACTERISTICS
The URLSpoof family includes HTML web pages and e-mail messages that exploit a vulnerability in the way Internet Explorer displays some malformed URLs. It is often used to aid in stealing personal information such as Internet banking passwords.
More information on this issue (the "Improper URL Canonicalization Vulnerability") can be found in Microsoft Security Bulletin MS04-004:
http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS04-004.asp
The patch provided by Microsoft removes support for URLs with usernames and passwords in this format:
http(s)://username:password@server/resource.ext
For more information on this URL syntax, its use and misuse, please see Microsoft Knowledge Base Article 834489:
http://support.microsoft.com/default.aspx?scid=kb;en-us;834489
Read more: http://www3.ca.com/virusinfo/virus.aspx?ID=38326

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic