Back to list
Internet explorer 6 execution of arbitrary code (An analysis of the 180 Solutions Trojan)
Jun 07 2004 01:21AM
Jelmer (jkuperus planet nl)
Re: Internet explorer 6 execution of arbitrary code (An analysis of the 180 Solutions Trojan)
Jun 07 2004 08:47PM
Gadi Evron (ge linuxbox org)
RE: [Full-Disclosure] Internet explorer 6 execution of arbitrary code (An analysis of the 180 Solutions Trojan)
Jun 07 2004 02:42AM
Larry Seltzer (larry larryseltzer com)
>>Finally I also attached the source files to this message
My McAfee-based gateway scanner blocks the attachment and labels it as "VBS/Psyme",
which has this description
"This trojan exploits an unpatched (at the time of this writing) vulnerability in
Internet Explorer. The vulnerability allows for the writing, and overwriting, of local
files by exploiting the ADODB.Stream object. There are several variants of this trojan.
Therefore this description is design to give an overview of how the trojan works.
The trojan exists as VBScript. This script contains instructions to download a remote
executable, save it to a specified location on the local disk, and then execute it."
eWEEK.com Security Center Editor
larryseltzer (at) ziffdavis (dot) com [email concealed]
[ reply ]
Copyright 2010, SecurityFocus