FWIW: Same event yes. Also to clarify..."empty means no video not no code" :-).
Also, we have seen variants that include video and code now. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Juha-Matti Laurio Sent: Saturday, December 02, 2006 8:20 AM To: Fergie; [email protected] Subject: Re: [funsec] Websense: Malware of the Week: MySpace XSS QuickTime Worm Hmmm, is this the same issue than Neowin forum issue reported here: http://linuxbox.org/pipermail/funsec/2006-December/010547.html Neowin forum thread doesn't mention empty QT videos. Is this tip usefull to case reported by Websense: "...so open the quicktime .mov in notepad, look at the binary followed by "apple text writer plugin" i.e. to find JS code included. - Juha-Matti Fergie <[EMAIL PROTECTED]> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Another good one from the guys at Websense Labs. > > http://www.websense.com/securitylabs/alerts/alert.php?AlertID=708 > > - - ferg > > -----BEGIN PGP SIGNATURE----- > Version: PGP Desktop 9.5.1 (Build 1557) > > wj8DBQFFcP7Kq1pz9mNUZTMRAryYAKDc4THKe/KmsY2ZRuxuPnxwYFiLUQCgwuVR > EYbSXWW0s9MnnMF8F1rKBNw= > =ZqIJ > -----END PGP SIGNATURE----- > > > -- > "Fergie", a.k.a. Paul Ferguson > Engineering Architecture for the Internet fergdawg(at)netzero.net > ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
