Home / malwarePDF  


First posted on 21 October 2019.
Source: Microsoft

Aliases :

Exploit:Win32/Pdfjsc.AS is also known as Mal/PdfEx-C, Exploit.PDF-JS.Gen, Exploit-PDF.b.gen.

Explanation :

Exploit:Win32/Pdfjsc.AS is a detection for specially-crafted PDF files that attempt to exploit software vulnerabilities in Adobe Acrobat and Adobe Reader. These PDF files contain an embedded JavaScript that, when loaded (as when the files are opened in a vulnerable version of Adobe Acrobat or Adobe Reader) executes a shellcode that exploits the vulnerabilities. The shellcode may perform any action, such as downloading and running other malware. Exploit:Win32/Pdfjsc.AS usually arrives in the system when the user visits a Web page that contains a malicious PDF file or opens an e-mail message containing the PDF file as an attachment. The vulnerabilities it attempts to exploit are the following:  CVE-2007-5659 CVE-2008-2992 CVE-2009-0927   Analysis by Shawn Wang

Last update 21 October 2019