MOAB-03-01-2007: Apple Quicktime HREFTrack Cross-Zone Scripting vulnerability
Summary A month ago, a vulnerability in QuickTime was exploited to spread a worm in MySpace. The vulnerability was first published by pdp. In his article, pdp describes how HREFTrack attribute in .mov files can be used for malicious scripting. The MySpace worm abused this vulnerability in a...