Threat Monitor
Troj.Exploit.JS.RealPlr.mv
| Aliase: | |
|---|---|
| Pattern: | 200907061330 |
| Threat Typ | Verbreitung | Betroffene Systeme | Gefährlichkeit |
|---|---|---|---|
|
|
|
|
This malicious program exploits vulnerability CVE-2007-4748.
PPStream PowerPlayer.DLL ActiveX control with the CLSID:5ec7c511-cd0f-42e6-830c-1bd9882f3458 is prone to a buffer-overflow vulnerability caused by improper bounds checking. By persuading a victim to visit a specially crafted Web page with a malicious Logo value which will trigger a buffer overflow, a remote attacker could overflow a buffer and execute arbitrary code on the target system.
The sample attempted to download pps.exe from down.dj7788.cn when it was executed.
Affected Versions: PPStream PowerPlayer ActiveX Control 2.0.1.3829
PPStream PowerPlayer.DLL ActiveX control with the CLSID:5ec7c511-cd0f-42e6-830c-1bd9882f3458 is prone to a buffer-overflow vulnerability caused by improper bounds checking. By persuading a victim to visit a specially crafted Web page with a malicious Logo value which will trigger a buffer overflow, a remote attacker could overflow a buffer and execute arbitrary code on the target system.
The sample attempted to download pps.exe from down.dj7788.cn when it was executed.
Affected Versions: PPStream PowerPlayer ActiveX Control 2.0.1.3829
