Contactez-nous Suivez-nous sur Twitter En francais English Language

De la Théorie à la pratique

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN



Websense’ Security Alert

March 2009 by Websense

Websense® Security Labs ThreatSeeker Network has discovered that the official Web site of the Embassy of Portugal in India has been compromised and is infecting the machines of site visitors with malicious code. Malicious code has been inserted onto the main page of the site via multiple iframes. These iframes redirect to the pages of different hosts that contain malicious obuscated JavaScript code that takes advantage of the following exploits: VMLRender exploit (MS07-004), 2007 WinZip FileView ActiveX CreateNewFolderFromName method exploit (CVE-2006-6884), Apple QuickTime RTSP exploit (CVE-2007-0015), MS Internet Explorer WebViewFolderIcon exploit (CVE-2006-3730), Internet Explorer (MDAC) Remote Code Execution exploit (MS06-014), and Adobe Reader PDF exploit (CVE-2007-5659).

The Embassy of Portugal in India provides visitors with brief information about bilateral relations between the countries, related news and events, tourism, and consular information.

Websense ThreatSeeker Network has been tracking how this type of attack is carried out successfully over such reputable Web sites, targeting their peers and other visitors.

Websense Messaging and Websense Web Security customers are protected against this attack.

See previous articles


See next articles