Interesting vector for browser vulnerability exploit…ebay



incidents.org has received a tip on an ebay item that contained some malicious script…

ISC reader Gareth Attrill pointed us to an eBay auction that has some escaped HTML code that sneaks in a link that tries to get a trojanized .jar (usage.jar) file loaded on anyone who loads the listing. The latest .dat for McAfee immediately detected (and deleted) the code as Exploit-ByteVerify. The lister most likely managed to bypass other protections that otherwise prevents this kind of code from being inserted into item listings. Both eBay and the ISP that is hosting the malware have been notified.


This is an interesting way to use a legit site to sneak something past the casual users. Their warning is to verify any html input that you allow from visitors to your site.

Related Posts

Blog Traffic Exchange Related Posts
  • Facebook Fan Check Application Virus Just as last week, the facebook fan check application virus rumor is making the rounds again. And also just as last week people searching for information on the facebook fan check virus are running into some of the top search results hosting malware. There were several attack sites up last......
  • Big Go-Daddy hosting attack In what feels like a continuation of recent bad news related to major hacks and data losses.....George Ou reports on a BIG hack of GoDaddy hosting customers. There was also a big hack-athon by Turkish hackers over the last week that will be recorded as the biggest mass-web-site-defacement on record.........
  • Update on Internet Explorer Exploit in the wild If you use Internet Explorer to browse the web, I'd suggest finding the instructions to disable active scripting, or drop it and use something else in light of the recent exploit floating around. It seems that in spite of Microsoft's infinite wisdom that "Microsoft has determined that an attacker who......
Blog Traffic Exchange Related Websites
  • Guide To EBay Local Pick Up Items Purchase And Delivery eBay is without doubt the most widely known website to look for second hand items However, while many items such as mobile phones, cameras, clothes can be shipped easily through courier companies or postal services,relatively heavy items such as furniture and cars cannot. Therefore, many eBay sellers select the......
  • No Far More Boring Weblog Templates For Your WordPress Blog I am positive that if you are visiting this page, you will be interested in genesis theme framework. Probably the hardest aspect of WordPress to grasp for new customers is that there's no set "look" to the site it produces - the content and design and style are fully separated,......
  • Tools To Analyze Your Website For Improvements Instantly To Try Today Today I would help you with the list of tools to analyze your website for doing improvements instantly. Using the right tools for analyzing your website will make your work much more simpler. I have categorized the improvement areas for the website as HTML, CSS, Speed, SEO, Text & Image.......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site