Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Yahoo 0day Fwd: VIRUS (Exploit.HTML.IFrameBOF-4) in mail TO YOU from <full-disclosure-bounces () lists grok org uk>
From: Bill Kruchas <bill () kruchas com>
Date: Fri, 8 Jun 2007 10:25:29 -0400 (EDT)

The vuln maybe 0day, doesn't seem like the exploit is though.

----- Forwarded Message -----
From: 
To: 
Sent: Thursday, June 7, 2007 10:05:38 PM (GMT-0500) America/New_York
Subject: VIRUS (Exploit.HTML.IFrameBOF-4) in mail TO YOU from <full-disclosure-bounces () lists grok org uk>

VIRUS ALERT

Our content checker found
    virus: Exploit.HTML.IFrameBOF-4

in an email to you from unknown sender:
  ? () [208 179 105 3]
claiming to be: <full-disclosure-bounces () lists grok org uk>

Our internal reference code for your message is 27861-04/cskUvQ2LqAcm

First upstream SMTP client IP address: [195.184.125.51] lists.grok.org.uk
According to a 'Received:' trace, the message originated at: [208.179.105.3],
  [208.179.105.3]

Return-Path: <full-disclosure-bounces () lists grok org uk>
Message-ID: <762075.2520.qm () web63814 mail re1 yahoo com>
Subject: [Full-disclosure] Yahoo Webcam (Ywcvwr.dll) ActiveX Download and
  Exec Exploit 0day #2
The message has been quarantined as: virus-cskUvQ2LqAcm

Please contact your system administrator for details.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
  • Yahoo 0day Fwd: VIRUS (Exploit.HTML.IFrameBOF-4) in mail TO YOU from <full-disclosure-bounces () lists grok org uk> Bill Kruchas (Jun 08)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault