Threat Monitor
Troj.Exploit.W32.CrashIe.b
| Aliase: | |
|---|---|
| Pattern: | 200908211330 |
| Threat Typ | Verbreitung | Betroffene Systeme | Gefährlichkeit |
|---|---|---|---|
|
|
|
|
This malicious program exploits vulnerability CVE-2009-2433.
Microsoft Internet Explorer is prone to a remote denial-of-service vulnerability. The vulnerability is caused due to an error in the AddFavorite method in Microsoft Internet Explorer. The vulnerability can result in a stack-based buffer overflow via a long URL in the first argument. Successful exploits may allow the remote attacker to crash Microsoft Internet Explorer, cause a denial of service (application crash), and possibly have other unspecified impacts on the attacked system.
The sample contains a specially crafted SWF file. The sample dropped a Trojan to the system when it executed.
Affected Versions: Microsoft Internet Explorer 8.0
Microsoft Internet Explorer 7.0
Microsoft Internet Explorer is prone to a remote denial-of-service vulnerability. The vulnerability is caused due to an error in the AddFavorite method in Microsoft Internet Explorer. The vulnerability can result in a stack-based buffer overflow via a long URL in the first argument. Successful exploits may allow the remote attacker to crash Microsoft Internet Explorer, cause a denial of service (application crash), and possibly have other unspecified impacts on the attacked system.
The sample contains a specially crafted SWF file. The sample dropped a Trojan to the system when it executed.
Affected Versions: Microsoft Internet Explorer 8.0
Microsoft Internet Explorer 7.0
