Exploits vulnerabilities in Adobe Flash Player, Oracle Java, and Silverlight
The threat tries to exploit the following vulnerabilities:
CVE-2013-2460, which affects versions of Java 7 Update 21 and earlier
CVE-2013-0074, which affects Silverlight version 5 and earlier
CVE-2014-0497, which affects Adobe Flash Player version 11.7.700.261 and 11.8.x through 12.0.x, before 126.96.36.199
If the threat successfully exploits a vulnerability, it tries to download malware onto your PC. We have seen it try to download the following threats:
This threat is part of the exploit kit called "FlashPack". See our page on exploits for more information.
Analysis by Chun Feng
Alerts from your security software may be the only symptom.