Exploit:JS/Blacole.AO is the detection for malicious JavaScript that loads a series of other exploits that are distributed as components of the "Blackhole kit". If the computer runs a vulnerable version of certain software and exploitation is successful, various malware may be downloaded.

Exploit:Java/CVE-2009-3867 is the detection for a malicious Java applet that exploits the vulnerability described in CVE-2009-3867. The vulnerability is due to an error in the implementation of the HsbParser.getSoundBank function that can be exploited to result in a stack-based buffer overflow.

Exploit:JS/Pdfjsc.AA is a detection for a specifically obfuscated JavaScript that targets software vulnerabilities in Adobe Acrobat and Adobe Reader. It attempts to exploit a buffer overflow vulnerability also known as CVE-2007-5659.

Exploit:Win32/Wordrp is the detection for files that attempt to exploit vulnerabilities in several word processing software.

Exploit:JS/Pdfjsc.GO is a detection for specially-crafted PDF files that attempt to exploit software vulnerabilities in Adobe Acrobat and Adobe Reader. Once the malformed PDF files are opened by vulnerable versions of Adobe Acrobat and Reader, the embedded JavaScript is executed and loads the exploit.

Exploit:Win32/Owapwn.A exploits a vulnerability discussed in CVE-2010-3213 affecting Outlook Web Access 2007. This vulnerability was resolved in Outlook Web Access 2010, and Outlook Web Access 2007 Service Pack 3. 

Exploit:Win32/CVE-2010-3962.A is a detection for a specially-crafted HTML script that is designed to attempt to exploit the reported vulnerability described by Microsoft Security Advisory 2458511. The vulnerability affects Internet Explorer 6, Internet Explorer 7 and Internet Explorer 8. By exploiting this vulnerability, an attacker may be able to execute arbitrary code on a vulnerable computer.

Exploit:Win32/Pidief.BN is a detection for specially-crafted PDF files that target a software vulnerability in Adobe Acrobat and Adobe Reader referenced by Common Vulnerabilities and Exposures (CVE) Identifier CVE-2010-0188. Successful exploitation of the vulnerability could result in the malware downloading and executing arbitrary files.

 

Exploit:Win32/CVE-2011-0096.A is a generic detection for specially-crafted HTML files that attempt to exploit the vulnerability described in the following pages:

 

Exploit:Java/CVE-2009-3869.O is a Java applet (file size: 2593 bytes) that attempts to execute a buffer overflow exploit that may allow the execution of an arbitrary code with escalated privileges. The applet exploits a buffer overflow which existed in processing malformed images or audio files and affects Sun Java SE in JDK and JRE 5.0 before Update 22 and JDK and JRE 6 before Update 17.

Exploit:Java/CVE-2010-0840.BH is a detection for an obfuscated malicious Java class applet component that exploits the vulnerability described in CVE-2010-0840. Successful exploitation leads to arbitrary code execution.

Exploit:Win32/Shellcode.H is a detection for files that contain a malicious shellcode. These shellcodes may be found within data files, such as documents or spreadsheets (workbooks), in which a heapspray technique is used to exploit a vulnerability resulting in running the shellcode.

Exploit:Java/Midseq.A is a trojan exploit written in Java that exploits a vulnerability discussed in CVE-2010-0842. Successful exploitation could allow the execution of arbitrary code.

Microsoft security software detects and removes this threat.

This threat uses an Adobe vulnerability to download and run files on your PC, including malware.

It runs when you visit a malicious or hacked website and you have a vulnerable version of Adobe Flash Player.

The following versions of Adobe Flash Player are vulnerable:

• Adobe Flash Player 16.0.0.305 and earlier versions
• Adobe Flash Player 13.0.0.269 and earlier 13.x versions
• Adobe Flash Player 11.2.202.442 and earlier 11.x versions

If you visit a webpage containing this threat and your PC has a vulnerable version of Flash installed, this threat can download and run other malware.

Find out ways that malware can get on your PC.

Exploit:Java/CVE-2010-0842.A is a detection for Java malware that exploits a vulnerability discussed in CVE-2010-0842. Successful exploitation of the vulnerability could lead to the execution of arbitrary code.

Exploit:SWF/Blacole.B is a detection for malicious code within specially crafted Adobe Shockwave Flash (.SWF) files.

Exploit:JS/Blacole.AT is a variant of JS/Blacole, JavaScript malware that consists of several exploits and is created by the "Blackhole" exploit kit. Exploit:JS/Blacole.AT is installed to compromised websites by an attacker. It attempts to exploit the following CVE vulnerabilities:

• CVE-2007-5659
• CVE-2009-0927
• CVE-2010-0886
• CVE-2010-1885
• CVE-2011-2110

Microsoft security software detects and removes this threat.

More details are available in the JS/Axpergle family description.

To learn more about how this threat is being used by cybercriminals,

Read: Exploit kits remain a cybercrime staple against outdated software – 2016 threat landscape review series