Jump to content
SAU Community

Images Not Showing Up Only Url

overd0se
 Share

Recommended Posts

VSPEC-33 Community Regular

VSPEC-33

Posted
Posted

Another one here for a whole lot of characters appearing when clicking on an image.

Also noticed when i first logged in today this site wanted to install an Active X control, some Microsoft Data something or other. I didnt install it as i didnt see a notice to say that it was okay to run on the bulletin board.

Some of the fonts are showing up larger than they usually do aswell

Are these related?

B0oStEr Mentor

B0oStEr

Posted
Posted

I still can't upload images into private messages.

I browse, double click and the image name appears but when I ckick on add attachment it goes to a blank page rather than show the attachment in the pm.

Anyone else have this problem or have I picked up a virus or something?

lanky71 Veteran

lanky71

Posted
Posted
i stil cant upload, and now i cant even login to msn.. that dsb.exe must have infected my pc, and now i feel like taking SAU to court.. :\

lol, if you read the conditions when you join the site there is a bit in there about SAU not being liable for such actions as you should have adequate protection.

MKDR33 Mentor

MKDR33

Posted
Posted
lol, if you read the conditions when you join the site there is a bit in there about SAU not being liable for such actions as you should have adequate protection.

im just mucking around, relax.. but i suggest u get someone to fix this crap.. the exploit is still there..

R31Nismoid Grand Master

R31Nismoid

Posted
Posted

We realise there is an issue.

Its a lot harder to fix something than you realise because there are limited people with access.

And the people with access are busy, they have thier own personal lives as SAU Admins/Mods are unpaid...

If your own PC is correctly protected then you wont have an issue.

Please be patient. Constantly posting about the fact it isnt fixed, simply is not going to help the issue especially when your not even a donor :D

Sl!m Grand Master

Sl!m

Posted
Posted

For the exploit to work it *needs* Microsoft XML Core Services to be installed. Microsoft XML Core Services are not installed by default on Windows XP, but there seems to be a lot of packages using it, Visual Studio appears to be one common one. You can check in the Add or Remove Programs applet if you have it installed.

> The exploit works in both IE6 and IE7, which makes sense since it's exploiting a vulnerability in an ActiveX object, not in the browser itself. When executed the exploit creates an MSXML 4.0 ActiveX object (88d969c5-f192-11d4-a65f-0040963251e5). It then uses multiple setRequestHeader() method calls to execute shellcode which is included with the exploit. Once executed the shellcode (of course) first downloads the first stage downloader. At the moment it's a file called tester.dat:

16ac9982d177a47a20c4717183493e95 tester.dat

This downloader then downloads subsequent files (yet to be analysed). It looks like some AV vendors are beggining to detect the exploit. At this moment it is being detected by McAfee as Exploit-XMLCoreSrvcs and Symantec as Bloodhound.Exploit.96*. Microsoft also detects it as Exploit:HTML/Xmlreq.A. The best protection, is to prevent the XMLHTTP 4.0 ActiveX Control from running in Internet Explorer, as stated in Microsoft's advisory: http://www.microsoft.com/technet/security/...ory/927892.mspx ."

* http://www.symantec.com/security_response/...-110611-5730-99

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing


×
×
  • Create New...