Home / malwarePDF  

Exploit:Win32/Pdfjsc.X


First posted on 16 April 2009.
Source: SecurityHome

Aliases :

Exploit:Win32/Pdfjsc.X is also known as Also Known As:CVE-2007-5659 (other), CVE-2008-2992 (other).

Explanation :

Exploit:Win32/Pdfjsc.X is a detection for a Portable Document Format (PDF) file that exploits one or more PDF vulnerabilities. When opened using vulnerable versions of Adobe Acrobat or Adobe Reader, Exploit:Win32/Pdfjsc.X exploits the vulnerabilities tracked in CVE-2007-5659 and CVE-2008-2992. Successful exploitation of the vulnerability activates the contained payload.

Symptoms
There are no common symptoms associated with this threat. Alert notifications from installed antivirus software may be the only symptom(s).

Exploit:Win32/Pdfjsc.X is a detection for a Portable Document Format (PDF) file that exploits one or more PDF vulnerabilities. When opened using vulnerable versions of Adobe Acrobat or Adobe Reader, Exploit:Win32/Pdfjsc.X exploits the vulnerabilities tracked in CVE-2007-5659 and CVE-2008-2992.

Installation
Exploit:Win32/Pdfjsc.X may be introduced to the system via an e-mail attachment in spam messages or hosted on a malicious website.

Payload
Downloads & Executes MalwareThe specially crafted PDF file detected as Exploit:Win32/Pdfjsc.X contains Javascript code, which triggers the vulnerabilities. This code then downloads and executes other malware on the affected system.Additional InformationThe vulnerabilities exploited by this malware are referenced by Common Vulnerabilities and Exposures (CVE) Identifiers CVE-2007-5659 and CVE-2008-2992. Adobe has provided security updates for affected products in Adobe Security Bulletin Security Bulletin APSB08-13 and APSB08-19. For more information about the above mentioned security bulletins and CVE ID see the following links:

  • CVE-2007-5659
  • CVE-2008-2992
  • Adobe Security Bulletin APSB08-13
  • Adobe Security Bulletin APSB08-19


  • Analysis by Marian Radu

    Last update 16 April 2009

     

    TOP