funsec mailing list archives
Re: Websense: Malware of the Week: MySpace XSS QuickTime Worm
From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Sat, 2 Dec 2006 18:20:13 +0200 (EET)
Hmmm, is this the same issue than Neowin forum issue reported here: http://linuxbox.org/pipermail/funsec/2006-December/010547.html Neowin forum thread doesn't mention empty QT videos. Is this tip usefull to case reported by Websense: "...so open the quicktime .mov in notepad, look at the binary followed by "apple text writer plugin" i.e. to find JS code included. - Juha-MattiFergie <fergdawg () netzero net> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Another good one from the guys at Websense Labs. http://www.websense.com/securitylabs/alerts/alert.php?AlertID=708 - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.1 (Build 1557) wj8DBQFFcP7Kq1pz9mNUZTMRAryYAKDc4THKe/KmsY2ZRuxuPnxwYFiLUQCgwuVR EYbSXWW0s9MnnMF8F1rKBNw= =ZqIJ -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Websense: Malware of the Week: MySpace XSS QuickTime Worm Fergie (Dec 01)
- <Possible follow-ups>
- Re: Websense: Malware of the Week: MySpace XSS QuickTime Worm Juha-Matti Laurio (Dec 02)
- RE: Websense: Malware of the Week: MySpace XSS QuickTime Worm Hubbard, Dan (Dec 04)
- Re: Websense: Malware of the Week: MySpace XSS QuickTime Worm Juha-Matti Laurio (Dec 02)