Re: ScanMail Message: To Recipient virus found or matched file blocking setting.

[Blue Boar <BlueBoar () thievco com>]

Looks like the AV scanners are picking up the exploit method.  
I have not verified the executable attachment, nor have I
verified the exploit works.  If someone has done either, 
please post.

                                        BB

System Attendant wrote:
> ScanMail for Microsoft Exchange has taken action on the message, please
> refer to the contents of this message for further details.
>
> Sender = heyhey_ () iname com
> Recipient(s) = vuln-dev () securityfocus com;
> Subject = pure IE code injection
> Scanning Time = 03/23/2002 16:09:58
> Engine/Pattern = 5.630-1025/248
>
> Action on message:
> The attachment 4.zip contained JS_CIDEXPLOIT.B virus. ScanMail has taken the
> Deleted action.
>
> Warning to recipient. ScanMail has detected a virus on HQ2KAX1.