No they don't. All your link implies is that either a) someone compromised the itunes account associated with that band and added the script, or b) it was injected into place.
However at no point is the javascript executed. Sigh, do you have a CSSIP aswell? On 4/1/11, matador matador <[email protected]> wrote: > Seems that Websense agree with me... > > http://community.websense.com/blogs/securitylabs/archive/2011/03/29/lizamoon-mass-injection-28000-urls-including-itunes.aspx > > ... or better they copy and paste my trivial link ... LOL! :))) > > 2011/3/29 Cal Leeming <[email protected]> > >> Unconfirmed, seems to escape fine for me. >> >> On Tue, Mar 29, 2011 at 3:22 PM, matador matador >> <[email protected]>wrote: >> >>> Enjoy! :) >>> >>> http://www.google.com/search?q=lizamoon.com+site%3Aapple.com >>> >>> _______________________________________________ >>> Full-Disclosure - We believe in it. >>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >>> Hosted and sponsored by Secunia - http://secunia.com/ >>> >> >> > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
