Exploit.HTML.IframeBof.BN

Propagation: very high
Damage: medium
Size: approx 2550 bytes
Detected: 2005 Jul 25

SYMPTOMS:

Presence of a file named m00.exe.

TECHNICAL DESCRIPTION:

The script exploits a vulnerability discovered in Internet Explorer 5.0 (blnmgr.dll). When executed, the script adds the following CLSID: "083863f1-70de-11d0-b4d0-00a0c911ce86". The shellcode of the exploit is then executed on the remote host. It first tries to resolve its imports, then tries to download and execute a file from the address: http://freedom.tih[hidden]. After the file is executed, the browser is closed. The file is saved with the name m00.exe.

REMOVAL INSTRUCTIONS:

Please let BitDefender disinfect your files.

ANALYZED BY:

Mihai Razvan Benchea, virus researcher