This is not mine. I’ve found following from one of the vulnerability positings of packetstorm.
<snip>
it’s the same modus operandi we’ve seen over and over in the past months, it goes something like this
- Find an cross zone scripting exploit
- Load a local trusted resource in an iframe
- Inject javascript code in the trusted iframe using the cross zone scripting exploit to take over the computer, using the adodb.stream issue for instance
</snip>
This type (I’m not talking about simulating user click popping up window method; that’s a different one.) of modus operandi is currently used for opening pop-up and installation of unwanted toolbar. AFAIK, there’s no way to avoid this type of attack currently. Fortunately, the method currently used is way too cumbersome to mimic.
Leave a Reply