Re: [Full-disclosure] New IE sploit?



Internet Storm Center's always informative Diary has the following new information:

"a particular site uses the "createTextRange" vulnerability to install a spybot variant."

More details at http://isc.sans.org/diary.php?storyid=1212

The timestamp of updated Diary entry is 2006-03-24 21:49:09 UTC.
No need to say that their role is not to share exact URLs.

- Juha-Matti


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hey All,

I know this isn't really the place, but hey.
Has anyone got any sites that are currently using this, ideally links?

TIA

xyberpix

Blog: http://blogs.securiteam.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



Relevant Pages

  • coolwebsearch
    ... Has anyone seen a variant of CWS that seems to use Office ... Ad Aware and Spybot do not remove it. ... If I cancel this install a ...
    (microsoft.public.security.virus)
  • DMA[2005-0103a] - William LeFebvre "top" format string vulnerability
    ... Over four years later the vulnerability ... Recently LeFebvre was notified about the bug ... I'm going to assume that top needs to run setuid to root, ... install top setuid root. ...
    (Bugtraq)
  • [Full-Disclosure] DMA[2005-0103a] - William LeFebvre "top" format string vulnerability
    ... Over four years later the vulnerability ... Recently LeFebvre was notified about the bug ... I'm going to assume that top needs to run setuid to root, ... install top setuid root. ...
    (Full-Disclosure)
  • Re: PLEASE HELP!!!!! Cannot get address line to accept addresses
    ... CoolWebSearch (if not, then see AdAware, SpyBot, and HijackThis, ... tabs and remove any restrictions that the parasite has put in place. ... Be sure that you also download and install hotfix Q816093, ... Spyware and Hijackware Removal Support, ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Re: How to reinstall ...
    ... I have Adaware, Spybot, MS ... > Start by downloading each of the following additional free tools - and download ... > AdAware, CWShredder, and Spybot S&D have install routines - run them. ... > Spyware Warrior: ...
    (microsoft.public.windowsxp.network_web)