
TrojanDownloader:Java/OpenStream.F


First posted on 08 June 2010.
Source: SecurityHome

Aliases :

TrojanDownloader:Java/OpenStream.F is also known as Exploit.Java.38 (Dr.Web), Java/TrojanDownloader.Agent.NAM (ESET), Exploit.Java.CVE-2009-3867.gen (Kaspersky), Exploit-CVE2009-3867 (McAfee), Troj/Clsldr-AE (Sophos).

Explanation :

TrojanDownloader:Java/OpenStream.F is a detection for malicious Java class components that attempt to download and execute arbitrary code. The trojan attempts to exploit vulnerabilities mitigated by Microsoft Security Bulletin MS03-011 and CVE-2009-3867.

Installation :

This trojan may execute when a user browses a malicious Web page containing the threat. The malicious Java applet contains exploits that trigger remote code execution, allowing an attacker to run arbitrary code on the affected computer. TrojanDownloader:Java/OpenStream.F uses the following exploits depending on the platform and Java version:

  • CVE-2009-3867 (detected as Exploit:Java/CVE-2009-3867)
  • Microsoft Security Bulletin MS03-011

In the wild, this trojan attempts to save and execute files under the following path: %temp%\pdfupd.exe

Analysis by Rodel Finones

Last update 08 June 2010

     
