Home / malware Exploit:JS/CVE-2009-1136
First posted on 15 July 2009.
Source: SecurityHomeAliases :
There are no other names known for Exploit:JS/CVE-2009-1136.
Explanation :
Exploit:JS/CVE-2009-1136 is detection for malicious JavaScript that exploits a vulnerability in Microsoft Office Web Components that could execute arbitrary code.
Symptoms
There are no common symptoms associated with this threat - the exploit may be activated while viewing Web content on maliciously modified pages. Alert notifications from installed antivirus software may be the only symptom(s).
Exploit:JS/CVE-2009-1136 is detection for malicious JavaScript that exploits a vulnerability in Microsoft Office Web Components that could execute arbitrary code. Microsoft Office Web Components are a collection of Component Object Model (COM) controls for publishing spreadsheets, charts, and databases to the Web, and for viewing the published components on the Web. This exploit is also referred to as CVE-2009-1136.
Installation
This exploit may be present in attacker-modified Web pages. The vulnerability exists specifically in the Spreadsheet ActiveX Control and could allow an attacker who successfully exploited this vulnerability the same user rights as the local user. We are aware of limited, active, and Web-based attacks that exploit this vulnerability.
Payload
Executes arbitrary codeIf a user browses a Web page containing the code and the malicious ActiveX successfully executes the exploit on a vulnerable computer, remote code execution is possible and may not require any user intervention.Additional InformationMicrosoft recommends that customers implement the workarounds outlined in Microsoft Security Advisory (973472) to help prevent the ActiveX control from loading in Internet Explorer pending a security update. Microsoft has provided Microsoft Knowledge Base Article 973472 to assist in reducing the risk of this exploit.
Analysis by Matt McCormackLast update 15 July 2009