Full Disclosure mailing list archives
Yahoo 0day Fwd: VIRUS (Exploit.HTML.IFrameBOF-4) in mail TO YOU from <full-disclosure-bounces () lists grok org uk>
From: Bill Kruchas <bill () kruchas com>
Date: Fri, 8 Jun 2007 10:25:29 -0400 (EDT)
The vuln maybe 0day, doesn't seem like the exploit is though. ----- Forwarded Message ----- From: To: Sent: Thursday, June 7, 2007 10:05:38 PM (GMT-0500) America/New_York Subject: VIRUS (Exploit.HTML.IFrameBOF-4) in mail TO YOU from <full-disclosure-bounces () lists grok org uk> VIRUS ALERT Our content checker found virus: Exploit.HTML.IFrameBOF-4 in an email to you from unknown sender: ?@[208.179.105.3] claiming to be: <full-disclosure-bounces () lists grok org uk> Our internal reference code for your message is 27861-04/cskUvQ2LqAcm First upstream SMTP client IP address: [195.184.125.51] lists.grok.org.uk According to a 'Received:' trace, the message originated at: [208.179.105.3], [208.179.105.3] Return-Path: <full-disclosure-bounces () lists grok org uk> Message-ID: <762075.2520.qm () web63814 mail re1 yahoo com> Subject: [Full-disclosure] Yahoo Webcam (Ywcvwr.dll) ActiveX Download and Exec Exploit 0day #2 The message has been quarantined as: virus-cskUvQ2LqAcm Please contact your system administrator for details. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Yahoo 0day Fwd: VIRUS (Exploit.HTML.IFrameBOF-4) in mail TO YOU from <full-disclosure-bounces () lists grok org uk> Bill Kruchas (Jun 08)