[Project_owners] VML exploit

HJ van Rantwijk bugs4hj at aim.com
Sat Sep 23 16:26:35 EDT 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yves Jean Marie Lambert wrote:
> HJ van Rantwijk wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> WebSense have put together a killer video that shows the VML exploit in
>> action, resulting in a fake Paypal website
> This is not a fake Paypal website : 

Correct, only the used paypal account is.  My text should have been more
clear.

> apparently the vml exploit logs keys
> from any website visited after the one wich contained the iframe

No, the VML exploit is only used to install the key logger.

/HJ
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32)

iD8DBQFFFbSbRrb6S73JMeYRAtZKAKC/yJyviCjdVCt4x5WYw/W7Ns9muACgvvGV
tTDBB76lv6QDnBnji+iCqMY=
=j7/N
-----END PGP SIGNATURE-----


More information about the Project_owners mailing list