On 09 Oct 07, at 20:04, gjgowey_at_tmo.blackberry.net wrote:
> Sometimes I really do have to wonder about people. Obviously it
> wasn't a message that came from me since the blackberry.net in my
> email might be a good clue that I'm using a blackberry to do my
> emails (in case the T-Mobile tagline/nagline was an obvious enough
> hint as is). Now I wonder which bag of garbage spammer to thank
> for this since someone is obviously running around with my email
> addr and spaming.
<snip>
> The file / html you received was infected with the Exploit-
> CVE2007-3845
> virus and was deleted.
Actually, my guess would be that a message you sent (or that you
quoted!) tripped someone's virus filter. CVE2007-3845 reads:
> Mozilla Firefox before 2.0.0.6, Thunderbird before 1.5.0.13 and 2.x
> before 2.0.0.6, and SeaMonkey before 1.1.4 allow remote attackers
> to execute arbitrary commands via certain vectors associated with
> launching "a file handling program based on the file extension at
> the end of the URI," a variant of CVE-2007-4041. NOTE: the vendor
> states that "it is still possible to launch a filetype handler
> based on extension rather than the registered protocol handler."
which sounds a lot like the topic that was being discussed.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Received on Oct 09 2007
Intro
