Greetings, A little while ago I bumped into this new XSS worm on MySpace, I wrote about it on my blog (direct link: http://xavsec.blogspot.com/2005/12/new-myspace-xss-worm-circulating.html)
But here is what I know thus far: 1) There is a XSS vulnerability in MySpace.com, in the form of an unsanitized vulnerability in the variable name "TheName". 2) The XSS worm is propagating via malicious .swf Flash files, using ActionScript and Cross-Domain data loading. 3) Thanks to the XSS, and http://www.myspace.com/crossdomain.xml (note specifically: allow-access-from domain="*"/) the worm hit many users across MySpace. -- Xavier. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
