Looks like the AV scanners are picking up the exploit method. I have not verified the executable attachment, nor have I verified the exploit works. If someone has done either, please post. BB System Attendant wrote: > > ScanMail for Microsoft Exchange has taken action on the message, please > refer to the contents of this message for further details. > > Sender = heyhey_at_private > Recipient(s) = vuln-devat_private; > Subject = pure IE code injection > Scanning Time = 03/23/2002 16:09:58 > Engine/Pattern = 5.630-1025/248 > > Action on message: > The attachment 4.zip contained JS_CIDEXPLOIT.B virus. ScanMail has taken the > Deleted action. > > Warning to recipient. ScanMail has detected a virus on HQ2KAX1.
This archive was generated by hypermail 2b30 : Sat Mar 23 2002 - 15:15:46 PST