Home / malwarePDF  


First posted on 05 May 2020.
Source: Microsoft

Aliases :

Exploit:JS/CVE-2008-0015 is also known as JS/Dish!exploit, Exploit:JS/ShellCode.gen, JS.BOFExploit.Gen.

Explanation :

Exploit:JS/CVE-2008-0015 is the detection for code that attempts to exploit a vulnerability in the Microsoft Video ActiveX Control. This vulnerability is discussed in detail in Microsoft Security Advisory (972890). When a user visits a Web page containing an exploit detected as Exploit:JS/CVE-2008-0015, it may connect to a remote server and download other malware. Currently, we are aware of cases where exploits download and execute Worm:Win32/Dogkild.A on the system. An attacker who successfully exploits this vulnerability may be able to gain the same user rights as the local user. When using Internet Explorer, code execution may not require any user intervention. For more information, see Microsoft Security Advisory (972890).  Analysis by Vincent Tiu

Last update 05 May 2020