Home page logo

bugtraq logo Bugtraq mailing list archives

RE: AIM Password theft
From: "Drew Copley" <dcopley () eeye com>
Date: Wed, 24 Sep 2003 10:18:09 -0700

It is a zero day bug, one of two found in IE this past two weeks. It was
publically disclosed. Apparently, someone is using it. Which is not a

Jelmer's Bug:

A fix for this issue:

Or, you can turn off Activex and Javascript... But, most people will not do
that, and you might as well kill this component anyway.

-----Original Message-----
From: Brent Meshier [mailto:brent () meshier com] 
Sent: Tuesday, September 23, 2003 12:13 PM
To: bugtraq () lists securityfocus com
Subject: Re: AIM Password theft

      The code you just sent looks familiar to a SPAM I 
received attempting to hijack users' e-gold accounts.  Out of 
curiosity I followed that link which loaded start.html 
(attached).  What worries me is that I'm running IE 
6.0.2800.1106 with all the latest patches from Microsoft and 
this page (start.html) rewrote wmplayer.exe on my local drive 
without notice.  After closing the page, I found two .exe 
files on my desktop (which loaded from 
Is this a new 
unknown vulnerability?

Brent Meshier
Global Transport Logistics, Inc.
"Innovative Fulfillment Solutions"

-----Original Message-----
From: Mark Coleman [mailto:markc () uniontown com] 
Sent: Tuesday, September 23, 2003 11:43 AM
To: bugtraq () securityfocus org
Subject: [Fwd: Re: AIM Password theft]

Hi, can anyone shed some light on this for me?  If this is new, its 
going to spread like wildfire.  AOL or incidents lists have yet to 
reply....  it appears to be a legitimate threat as I have at 
least one 
user "infected" already..  Thank you..

-Mark Coleman

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]