|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
GOOROO CROSSING: File Spoofing Internet Explorer 6
http-equiv
excite.com
Date: Tue Jan 27 2004 - 11:27:21 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Tuesday, January 27, 2004
Trivial file spoofing in Internet Explorer 6.0.2800.1106 and all
of 'its' patches to date on WIN XP [probably others]:
Content-Disposition: attachment; filename=malware.{3050f4d8-98B5-
11CF-BB82-00AA00BDCE0B}fun_ball_gites_pie_throw%2Empeg"
Absolute bare minimum working demo [perhaps even feeble] as we
are absolutely confident the self-appointed resident gooroo will
be along shortly handing out packets of two cents to everyone
thus saving us the effort to illustrate in even greater detail
to those lacking imagination:
http://www.malware.com/gooroo.html
End Call
--
http://www.malware.com
-----
NTBugtraq Editor's Note:
Most viruses these days use spoofed email addresses. As such, using an Anti-Virus product which automatically notifies the perceived sender of a message it believes is infected may well cause more harm than good. Someone who did not actually send you a virus may receive the notification and scramble their support staff to find an infection which never existed in the first place. Suggest such notifications be disabled by whomever is responsible for your AV, or at least that the idea is considered.
-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]