[Full-Disclosure] New exploit now circulating?

[Kristian Hermansen]

It looks like the new iFrame exploit is making the rounds, so has anyone analyzed the payload yet (see below)?  Or is this just the new Netsky.P?  Is it linking to a local file or within the email itself?  What’s going on here or did I miss something?   cid:[EMAIL PROTECTED]   What is this link when deciphered?   Kristian Hermansen [EMAIL PROTECTED] From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 24, 2004 2:35 PM To: [EMAIL PROTECTED] Subject: Mail Delivery (failure [EMAIL PROTECTED])   If the message will not displayed automatically, follow the link to read the delivered message. Received message is available at: www.zerotoys.com/inbox/webmaster/read.php?sessionid-797