|
Informazioni sul sito |
|
|
Questo sito utilizza cookies. Continuando la navigazione acconsenti al loro impiego.
|
|
|
|
|
|
|
American Moon |
|
|
Il nuovo documentario
di Massimo Mazzucco
|
|
|
|
|
|
|
|
|
TUTTI I DVD DI LUOGOCOMUNE IN OFFERTA SPECIALE
ATTENZIONE: Chiunque voglia scrivere su Luogocomune è pregato di leggere prima QUESTO AVVISO (aggiornato 01.11.07)
|
|
|
|
|
Naviga in questo forum:
1 Utenti anonimi
|
|
|
-
Modalità di visualizzazione |
Piatti |
I più nuovi prima |
|
-
Mande |
|
Re: Attivissimo regala virus :-o | #1 |
Dubito ormai di tutto
Iscritto il: 13/1/2008
Da Cologna veneta
Messaggi: 1301
|
Fabrizio70 Citazione: Altro che errore , era pieno zeppo di virus , giusto per testare , se poi ti andava in malora il PC mica li aveva creati lui...
Ovviamente se non li aveva creati lui gli exploite non può certificare che fossero innocui. Il minimo da dire è che è stato quantomeno incauto. Pispax Citazione: EDIT: Mande, puoi postare per intero le descrizioni fornite da Symantec rispetto alle sei minaccie rilevate? A me fa leggere solo l'ultima.
Vediamo: Tre volte XMLid.Exploit Citazione: Discovered: March 6, 2002 Updated: February 13, 2007 12:36:04 PM Also Known As: Exploit-CodeBase, Exploit.CodeBaseExec Type: Trojan Horse
This exploit was disclosed in at least one security forum. It uses instructions based on XML data source object coding to run files that are stored locally. It does this without warning.
Uno Trojan.CrashIE Citazione: Discovered: September 7, 2004 Updated: February 13, 2007 12:27:11 PM Also Known As: Trojan.HTML.Crasher [KAV], HTML/CrashIE.B [F-PROT], Trojan:HTML/Crasher [GeCAD] Type: Trojan Horse Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
Trojan.CrashIE is executed, it will cause Microsoft Internet Explorer to stop responding.
Uno HTTP MS IE Style Tag Cmt Mem Corruption Citazione: Severity: High This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening. Description This signature detects attemps to exploit a weakness in the Internet Explorer CSS parser, which allows an attacker to issue a denial-of-service attack on the target host and possibly allows the attacker to execute arbitrary code. Additional Information A heap overflow vulnerability has been discovered in Internet Explorer. It is reported that the issue presents itself when a comment character sequence that is not terminated is encountered after a STYLE tag.
It is reported that Internet Explorer will, under proper circumstances, compute the length of a comment string by subtracting a pointer to the terminator "*/" sequence of a comment from a pointer to the opening sequence "/*" of a comment. The result is used as a boundary check during a memcpy() operation performed on the comment string.
It is reported that if the comment is not closed with a terminator "*/" sequence, the algorithm used to derive the length of the comment string will result in a -2 Unicode string length. The memcpy() function will employ this value as 0xFFFFFFFE, and the size of this copy operation will result in a crash when a memory access violation occurs.
This issue could be exploited by a remote attacker to execute arbitrary code or cause a denial-of-service. The attacker would likely create a malicious HTML page and host it on a site. The attacker would then attempt to entice a user to visit the malicious page to carry out a successful attack. Other attack vectors may also exist, such as HTML email or other system components that support Cascading Style Sheets.
Uno HTTP MS XP HCP URI Handler Abuse Citazione: Severity: High This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening. Description This signature detects an HTTP URI attempting to exploit the Help and Support Center for Windows XP. Additional Information A local Help and Support Center application was introduced with Microsoft Windows XP. It is an extended version of Help Center applications included in previous versions of the operating system. Included in the Help and Support Center application are utilities for troubleshooting hardware issues. One such utility (uplddrvinfo.htm) uses an ActiveX control that may potentially be used for malicious purposes.
Microsoft Internet Explorer on Windows XP comes equipped with a URI handler for the Help and Support Center application. The handler may be invoked through links. When such a link is requested by the browser, the Help and Control Center will load an appropriate page that is stored locally. The browser runs requests to the HCP URI handler with relaxed Security Zone restrictions. The uplddrvinfo.htm file uses an ActiveX control that may be used to delete local files.
Since the ActiveX control accepts file names from the HCP URIs, it is possible for an attacker to abuse this situation via a malicious link. Because the browser runs the HCP request with relaxed restrictions, the user is not prompted when the ActiveX control is executed. However, it has been reported that a window with a "Get Help With Your Hardware Device" dialog is displayed when uplddrvinfo.htm is invoked, and that the utility will follow through with the commands if the user closes this window.
It is confirmed that an attacker may construct a link that will cause specified files to be deleted if it is clicked on by the victim. A number of other files are included in the Help and Support Center application that may also be used by a remote attacker to perform various actions on the client system via a maliciously constructed HCP handler URI.
|
|
Non puoi inviare messaggi. Puoi vedere le discussioni. Non puoi rispondere. Non puoi modificare. Non puoi cancellare. Non puoi aggiungere sondaggi. Non puoi votare. Non puoi allegare files. Non puoi inviare messaggi senza approvazione.
|
|
|
|
|
|
|
|
|