lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 9 Oct 2007 20:25:18 -0700 From: Andrew Farmer <andfarm@...il.com> To: gjgowey@....blackberry.net Cc: Full-Disclosure dis <full-disclosure@...ts.grok.org.uk> Subject: Re: Report to Recipient(s) On 09 Oct 07, at 20:04, gjgowey@....blackberry.net wrote: > Sometimes I really do have to wonder about people. Obviously it > wasn't a message that came from me since the blackberry.net in my > email might be a good clue that I'm using a blackberry to do my > emails (in case the T-Mobile tagline/nagline was an obvious enough > hint as is). Now I wonder which bag of garbage spammer to thank > for this since someone is obviously running around with my email > addr and spaming. <snip> > The file / html you received was infected with the Exploit- > CVE2007-3845 > virus and was deleted. Actually, my guess would be that a message you sent (or that you quoted!) tripped someone's virus filter. CVE2007-3845 reads: > Mozilla Firefox before 2.0.0.6, Thunderbird before 1.5.0.13 and 2.x > before 2.0.0.6, and SeaMonkey before 1.1.4 allow remote attackers > to execute arbitrary commands via certain vectors associated with > launching "a file handling program based on the file extension at > the end of the URI," a variant of CVE-2007-4041. NOTE: the vendor > states that "it is still possible to launch a filetype handler > based on extension rather than the registered protocol handler." which sounds a lot like the topic that was being discussed. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists