Re: [Full-Disclosure] Re: Spyware installs with no interaction in IE on fully patched XP SP2 box
From: GuidoZ (uberguidoz_at_gmail.com)
Date: 10/05/04
- Previous message: Thierry Carrez: "[ GLSA 200410-02 ] Netpbm: Multiple temporary file issues"
- In reply to: Willem Koenings: "[Full-Disclosure] Re: Spyware installs with no interaction in IE on fully patched XP SP2 box"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Willem Koenings <isec@europe.com> Date: Mon, 4 Oct 2004 23:27:46 -0700
Bingo - that's what I found too. The javascript is what does the dirty work.
-- Peace. ~G On Mon, 04 Oct 2004 09:55:19 -0500, Willem Koenings <isec@europe.com> wrote: > > hi, > > > I was unable to verify it, since I don't use IE, and would prefer not > > infecting myself on accident, however I did run across this: > > > > http://themexp.org/about_wrap.php > > > > Perhaps one of the themes you downloaded was bundled with the spyware? > > two tiny links from there: > > http://WWW.addictivetechnologies.net/dm0/js/Confirm80wu03rd.js > http://www.addictivetechnologies.net/DM0/cab/ATPartners.cab > > W. > > -- > ___________________________________________________________ > Sign-up for Ads Free at Mail.com > http://promo.mail.com/adsfreejump.htm > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: Thierry Carrez: "[ GLSA 200410-02 ] Netpbm: Multiple temporary file issues"
- In reply to: Willem Koenings: "[Full-Disclosure] Re: Spyware installs with no interaction in IE on fully patched XP SP2 box"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
