Sunday, 19 March 2006 - 3:42 AM EST
Name:
tom
Hello,
Apparently, there is a certain vulnerability
connected with the use if IFRAMES.
Here is something I found on Google:
IFRAME.BoF
IFRAME.BoF is an exploit for a buffer overrun vulnerability.....
The exploit is included in a malicious web page or in an e-mail message in HTML format, which contain executable code. This executable code is automatically run when a buffer overflow occurs while processing a specially crafted IFRAME, FRAME or EMBED tag.
If exploited successfully, IFRAME.BoF allows to run arbitrary code, which could be of any nature.
As mentioned above, this exploit is hosted in web pages or included in e-mail messages in HTML format. In order to exploit the vulnerability, a malicious user would have to entice the user into accessing one of those web pages or opening the e-mail message.
Some variants of the worm Mydoom use this exploit in order to affect computers.
READ MORE: http://www.pandasoftware.com/virus_info/encyclopedia/overview.aspx?idvirus=54346
I hope this helps...