Home / malware Exploit:JS/CVE-2008-0015
First posted on 10 July 2009.
Source: SecurityHomeAliases :
Exploit:JS/CVE-2008-0015 is also known as Also Known As:JS/Dish!exploit (CA), Exploit:JS/ShellCode.gen (other), JS.BOFExploit.Gen (VirusBuster).
Explanation :
Exploit:JS/CVE-2008-0015 is the detection for code that attempts to exploit a vulnerability in the Microsoft Video ActiveX Control. This vulnerability is discussed in detail in Microsoft Security Advisory (972890). When a user visits a Web page containing an exploit detected as Exploit:JS/CVE-2008-0015, it may connect to a remote server and download other malware. Currently, we are aware of cases where exploits download and execute Worm:Win32/Dogkild.A on the system.
Symptoms
There are no common symptoms associated with this threat. Alert notifications from installed antivirus software may be the only symptom(s).
Exploit:JS/CVE-2008-0015 is the detection for code that attempts to exploit a vulnerability in the Microsoft Video ActiveX Control. This vulnerability is discussed in detail in Microsoft Security Advisory (972890). When a user visits a Web page containing an exploit detected as Exploit:JS/CVE-2008-0015, it may connect to a remote server and download other malware. Currently, we are aware of cases where exploits download and execute Worm:Win32/Dogkild.A on the system. An attacker who successfully exploits this vulnerability may be able to gain the same user rights as the local user. When using Internet Explorer, code execution may not require any user intervention. For more information, see Microsoft Security Advisory (972890).
Analysis by Vincent TiuLast update 10 July 2009
