Rick Macdougall wrote: > Elizabeth Schwartz wrote: >> On 11/23/05, Cedric Foll <[EMAIL PROTECTED]> wrote: >>> is it possible to have a clamav signature for the exploit ? >>> Proof of conecpt here: >>> http://www.computerterrorism.com/research/ie/poc.htm >> >> >> I dunno about anyone else here , but I haven't heard of this site and I >> really, REALLY don't want to click on whatever that is. Want to provide some >> more detail? > > It is the Internet Explorer JavaScript Window() Remote Code Execution > proof of concept. I'm pretty sure you can not make a signature for that > exploit. >
AVG has the signature, so it is not impossible. ClamAV also has signatures for Iframe-exploits and XSS-attacks, so this one should also be possible too. Kind Regards, Sander Holthaus _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
