[Full-Disclosure] IE Object Type Validation Vulnerability Exploit
olafandjasper at hushmail.com
olafandjasper at hushmail.com
Tue Sep 16 20:00:38 BST 2003
Hello phlox,
Can you help me out here...I am in need of an explanation as to why page.hta
set off our virus scan bells. I opened page.hta and my virus scan alerts
went off. I am ... hopefull ... that it is a false positive. Therefore,
maybe you could explain what triggered this :
Scan type: Realtime Protection Scan
Event: Virus Found!
Virus name: Download.Trojan
File: C:\x.exe
Location: C:
Thanks,
Olaf
On Mon, 15 Sep 2003 13:43:52 -0700 phlox <phlox at comcast.net> wrote:
>Messagepage.php > page.hta
>look at page.hta attachment?
>
>
>-phlox
>
>
> ----- Original Message -----
> From: n30
> To: full-disclosure at lists.netsys.com
> Sent: Monday, September 15, 2003 12:46 PM
> Subject: [Full-Disclosure] IE Object Type Validation Vulnerability
>Exploit
>
>
> Guys,
>
> Any body knows of any exploit for the Object type vuln
>
> Eeye has a POC http://archives.neohapsis.com/archives/vulnwatch/2003-
>q3/0084.html
>
> But I need something more firm for demonstartion.
>
> Any links/pointers apprciated
>
> Thanks in advance
> -N
Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2
Free, ultra-private instant messaging with Hush Messenger
https://www.hushmail.com/services.php?subloc=messenger&l=434
Promote security and make money with the Hushmail Affiliate Program:
https://www.hushmail.com/about.php?subloc=affiliate&l=427
Full-Disclosure is hosted and sponsored by Secunia.