Re: IE Object Type Validation Vulnerability Exploit

[<olafandjasper () hushmail com>]

Hello phlox,
Can you help me out here...I am in need of an explanation as to why page.hta
set off our virus scan bells.  I opened page.hta and my virus scan alerts
went off.  I am ... hopefull ... that it is a false positive.  Therefore,
 maybe you could explain what triggered this :
Scan type:  Realtime Protection Scan

Event:  Virus Found!
Virus name: Download.Trojan
File:  C:\x.exe
Location:  C:
  

Thanks,
Olaf
On Mon, 15 Sep 2003 13:43:52 -0700 phlox <phlox () comcast net> wrote:
> Messagepage.php > page.hta
> look at page.hta attachment?
>
>
> -phlox
>
>
>  ----- Original Message ----- 
>  From: n30 
>  To: full-disclosure () lists netsys com 
>  Sent: Monday, September 15, 2003 12:46 PM
>  Subject: [Full-disclosure] IE Object Type Validation Vulnerability
> Exploit
>
>
>  Guys,
>
>  Any body knows of any exploit for the Object type vuln
>
>  Eeye has a POC http://archives.neohapsis.com/archives/vulnwatch/2003-

> q3/0084.html
>
>  But I need something more firm for demonstartion. 
>
>  Any links/pointers apprciated
>
>  Thanks in advance
>  -N



Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
https://www.hushmail.com/services.php?subloc=messenger&l=434

Promote security and make money with the Hushmail Affiliate Program: 
https://www.hushmail.com/about.php?subloc=affiliate&l=427

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html