Elizabeth Schwartz wrote:
On 11/23/05, Cedric Foll <[EMAIL PROTECTED]> wrote:
is it possible to have a clamav signature for the exploit ?
Proof of conecpt here:
http://www.computerterrorism.com/research/ie/poc.htm
I dunno about anyone else here , but I haven't heard of this site and I
really, REALLY don't want to click on whatever that is. Want to provide some
more detail?
Hi,
It is the Internet Explorer JavaScript Window() Remote Code Execution
proof of concept. I'm pretty sure you can not make a signature for that
exploit.
The site in this case is just sees if your IE is vulnerable and if so
launches calc.exe
lynx is your friend with suspicious URL's
Regards,
Rick
_______________________________________________
http://lurker.clamav.net/list/clamav-users.html
