Microsoft Internet Explorer version 6.0 is vulnerable to a buffer overflow in mshtml.dll. By creating a malicious Web page containing a large number of script action handlers in a single HTML tag, a remote attacker could overflow a buffer and cause Internet Explorer to crash or possibly execute arbitrary code on a victim's system, once the malicious page is opened.
Note: This vulnerability also affects Mozilla Firefox, and possibly other vendor Web browsers.
I use firefox and don't think the subaru site is malicious.
Mcafee has buffer overflow protection regardless, so I open Macafee and the buffer over flow protection is turned off for some reason. I turn it on and then upgrade to the newest version of ad-aware and get the newest updates and scan and I got nothing.
I open up Mcafee On-Access scan statistics and it said it found 2 things, but didn't clean or delete them. I check in the quarantine folder, nothing there. I do a virus scan with Mcafee, it finds nothing, but still says in the stats that it found two things today.
Tried running a number of scans in safe mode, Mcafee, Spybot, Ad-Aware, nada. Is the alert from blackice about the Subaru site related to the two phantom virii and if so am I infected? I could use some expertise. If you guys think I should post an hjt log then can someone let me know and will a mod please move my post to the hjt part of the site?
Cliff notes: I might have two virii but cant find them and my firewall is telling me a trustworthy website is attacking me.