
Exploit:Win32/Pdfjsc.AD


First posted on 11 May 2009.
Source: SecurityHome

Aliases :

Exploit:Win32/Pdfjsc.AD is also known as Troj/PDFJs-B (Sophos).

Explanation :

Exploit:Win32/Pdfjsc.AD is the detection for a PDF file that exploits several PDF (Portable Document Format) vulnerabilities. It runs another malware that connects to a remote Web site, possibly to download other malware.

Symptoms
There are no common symptoms associated with this threat. Alert notifications from installed antivirus software may be the only symptom(s).

A specially crafted PDF file detected as Exploit:Win32/Pdfjsc.AD contains encrypted JavaScript. When the file is opened, the JavaScript triggers a buffer overflow in Adobe Acrobat and Adobe Reader by exploiting the following vulnerabilities:

  • CVE-2007-5659
  • CVE-2008-2992

The malicious JavaScript runs another malware, which is detected as TrojanDownloader:Win32/Small.gen!Z. This trojan downloader then connects to theoschepens.nl, possibly to download other malware components.
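A triage check for the kind of file described above (a PDF carrying JavaScript that runs when the document is opened), given here as an added example and not the vendor's detection logic. The function names and both sample byte strings are constructed for illustration.

```python
import re

# PDF name objects that mark script content or an automatic action.
SUSPICIOUS_NAMES = ("JS", "JavaScript", "OpenAction", "AA")

# Constructed sample inputs (not taken from any real file).
SAMPLE_BENIGN = b"%PDF-1.4\n1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj\n"
SAMPLE_SUSPECT = (
    b"%PDF-1.4\n1 0 obj << /Type /Catalog /OpenAction 5 0 R >> endobj\n"
    b"5 0 obj << /S /J#61vaScript /JS (placeholder) >> endobj\n"
)

def decode_pdf_name(raw: bytes) -> str:
    """Resolve the #xx hex escapes that PDF permits inside name objects."""
    decoded = re.sub(rb"#([0-9A-Fa-f]{2})",
                     lambda m: bytes([int(m.group(1), 16)]), raw)
    return decoded.decode("latin-1")

def triage_pdf(data: bytes) -> dict:
    """Count suspicious names and flag the script-plus-auto-run combination."""
    counts = {name: 0 for name in SUSPICIOUS_NAMES}
    # A name is '/' followed by characters up to whitespace or a delimiter.
    for match in re.finditer(rb"/([^\s/<>\[\](){}%]+)", data):
        name = decode_pdf_name(match.group(1))
        if name in counts:
            counts[name] += 1
    has_script = counts["JS"] > 0 or counts["JavaScript"] > 0
    auto_run = counts["OpenAction"] > 0 or counts["AA"] > 0
    return {"counts": counts, "has_script": has_script,
            "runs_on_open": has_script and auto_run}

if __name__ == "__main__":
    for label, sample in (("benign", SAMPLE_BENIGN), ("suspect", SAMPLE_SUSPECT)):
        print(label, triage_pdf(sample))
```

Names stored inside compressed object streams are not visible to a raw byte scan, so a clean result here does not clear a file.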

Analysis by Wei Li

Last update 11 May 2009

     
