polonus
1
Hi forum friends,
Is there malcode here? - mdl_obfuscated iframe leads to exploit kit
via stat.php and hole.php (now both seem dead, see “about:blank” found there)
: http://www.virustotal.com/url-scan/report.html?id=999a02ff9f4ea1bbc2fc5495622efb66-1316866575 (3 /16 (18.8%)
See: http://www.virustotal.com/file-scan/report.html?id=61b1d7bea6e5a9b8fbe818cff5f31cf2579bf540d2d090100aa09818ec66abe3-1316873778
Found benign: http://wepawet.iseclab.org/view.php?hash=999a02ff9f4ea1bbc2fc5495622efb66&t=1316874094&type=js
maybe because of the “about:blank” there.
Vulnerability alert here: http://urlquery.net/report.php?id=3490
and well - Oracle Java Web Start Plugin Command Line Argument Injection, CVE-2010-0886
polonus