[<prev] [next>] [day] [month] [year] [list]
Message-ID: <32309457.01181312729342.JavaMail.root@mail.kruchas.com>
Date: Fri, 8 Jun 2007 10:25:29 -0400 (EDT)
From: Bill Kruchas <bill@...chas.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Yahoo 0day Fwd: VIRUS (Exploit.HTML.IFrameBOF-4)
in mail TO YOU from <full-disclosure-bounces@...ts.grok.org.uk>
The vuln maybe 0day, doesn't seem like the exploit is though.
----- Forwarded Message -----
From:
To:
Sent: Thursday, June 7, 2007 10:05:38 PM (GMT-0500) America/New_York
Subject: VIRUS (Exploit.HTML.IFrameBOF-4) in mail TO YOU from <full-disclosure-bounces@...ts.grok.org.uk>
VIRUS ALERT
Our content checker found
virus: Exploit.HTML.IFrameBOF-4
in an email to you from unknown sender:
?@[208.179.105.3]
claiming to be: <full-disclosure-bounces@...ts.grok.org.uk>
Our internal reference code for your message is 27861-04/cskUvQ2LqAcm
First upstream SMTP client IP address: [195.184.125.51] lists.grok.org.uk
According to a 'Received:' trace, the message originated at: [208.179.105.3],
[208.179.105.3]
Return-Path: <full-disclosure-bounces@...ts.grok.org.uk>
Message-ID: <762075.2520.qm@...63814.mail.re1.yahoo.com>
Subject: [Full-disclosure] Yahoo Webcam (Ywcvwr.dll) ActiveX Download and
Exec Exploit 0day #2
The message has been quarantined as: virus-cskUvQ2LqAcm
Please contact your system administrator for details.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists