Back to list
MS06-044 XSS exploits in the wild
Dec 22 2006 05:26PM
Moyer, Shawn - St. Louis, MO (shawn moyer stl usda gov)
We have seen a number of XSS exploit attempts with MS06-044 payloads in
the past few days. Several are using the site below to load payloads.
The attackers appear to be compromising small ecommerce sites via SQL
injection vulns and then loading the XSS from there.
The code is hosted on the site below, and loads payloads for IE /
MS06-044 and Firefox 1.5.4 and 1.0.4.
Shawn Moyer, CISSP CCNA CNIE
OCIO :: ITS :: Operations Security
1520 Market Street (FC-432B)
Saint Louis, MO, 63103
[ reply ]
Copyright 2010, SecurityFocus