SecurityHome.eu Exploit:JS/CVE-2014-0322

Home / malware PDF

Exploit:JS/CVE-2014-0322

First posted on 01 April 2019.
Source: Microsoft
Aliases :
There are no other names known for Exploit:JS/CVE-2014-0322.
Explanation :
Threat in context

This exploit targets Internet Explorer 9 and 10.

What is an exploit?

Exploits are written to take advantage of weaknesses (or vulnerabilities) in legitimate software. A project called Common Vulnerabilities and Exposures (CVE) gives each vulnerability a unique number, in this case "CVE-2014-0322".

You can find more information on the CVE website or on our page about exploits.

Payload

Downloads malware

This exploit can be encountered when you visit a malicious or hacked website that then attempts to download malware onto your PC.

We have seen the following sites use this exploit:

www.gifas.asso.fr www.vfw.org

We detect the infected pages on these sites as Exploit:HTML/IframeRef.gen.

After it has infected your PC, Exploit:JS/CVE-2014-0322 runs a malicious Adobe Flash player file, usually with the file name tope.swf, that we detect as Exploit:SWF/CVE-2014-0322.

This file tries to download the file calc111.exe from 192.168.20./, which we detect as Backdoor:Win32/Tranikpik.A.

Analysis by Franics Allan Tan Seng
Last update 01 April 2019

TOP

Malware :

Last 20