RE: Is this a new exploit?

To: <noemailpls@xxxxxxxxxxxxx>, <bugtraq@xxxxxxxxxxxxxxxxx>
Subject: RE: Is this a new exploit?
From: "Portz, Jon" <jportz@xxxxxxxxxx>
Date: Wed, 28 Dec 2005 08:47:42 -0500
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Thread-index: AcYLRZ0tNAmj/P2wSlaXPLY/cVwqzwAb1iQA
Thread-topic: Is this a new exploit?

Windows .wmf vulnerability, look here:

http://secunia.com/advisories/18255/

JTP

-----Original Message-----
From: noemailpls@xxxxxxxxxxxxx [mailto:noemailpls@xxxxxxxxxxxxx] 
Sent: Tuesday, December 27, 2005 3:20 PM
To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Is this a new exploit?

Warning the following URL successfully exploited a fully patched windows xp
system with a freshly updated norton anti virus.

unionseek.com/d/t1/wmf_exp.htm

The url runs a .wmf and executes the virus, f-secure will pick up the virus
norton will not.

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Prev by Date: Re: Is this a new exploit?
Next by Date: [ GLSA 200512-16 ] OpenMotif, AMD64 x86 emulation X libraries: Buffer overflows in libUil library
Previous by thread: Re: Is this a new exploit?
Next by thread: MDKSA-2005:238 - Updated php/php-mbstring packages fix mail injection vulnerability
Index(es):
- Date
- Thread