SecurityHome.eu Exploit.Html.Ieslice.P

Home / malware PDF

Exploit.Html.Ieslice.P

First posted on 21 November 2011.
Source: BitDefender
Aliases :
There are no other names known for Exploit.Html.Ieslice.P.
Explanation :
It comes as an embedded, very obfuscated JS script inside a html page that displays the "404 - Document not found message" error message.

It takes advantage of the Microsoft WebViewFolderIcon ActiveX Control Buffer Overflow Vulnerability to allow the download code that is stored in a JS unescape sequence to be executed and thus downloading the malware found at address http://lakisman.info/logo/[removed]

If, by any chance this exploit fails it has another possibility to download the malware by using one vulnerability in the ADODB.Stream object from Internet Explorer. A description of this vulnerability can be found here : http://support.microsoft.com/default.aspx?scid=kb;EN;870669
Last update 21 November 2011

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20