Java/CVE-2011-3544
Exploit:Java/CVE-2011-3544 is a family of malicious Java applets that attempt to exploit a vulnerability in the Java Runtime Environment (JRE) in order to download and install files of an attacker's choice onto your computer.
If you visit a website containing the malicious code while using a vulnerable version of Java, Exploit:Java/CVE-2011-3544 is loaded. It then attempts to download and execute files from a remote host/URL; the files that are downloaded and executed could include additional malware.
Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier are all vulnerable to this exploit.
JS/Anogre
Microsoft security software detects and removes this family of threats.
This malware family looks for vulnerabilities in the following software:
- Java Development Kit and Java Runtime Environment
- Adobe Flash Player
- Microsoft TrueType Font
If a vulnerability is found, the threat can then download other malware onto your PC.
You can be redirected to a malicious or compromised website that hosts this threat as you browse the Internet or when you click a link in a spam email.
Our exploits page explains more about this type of threat.
Exploit:Win32/CVE-2011-3402
Exploit:Win32/CVE-2011-3402 is a detection for malicious code that attempts to exploit a vulnerability in the Win32 TrueType font parsing engine in the Microsoft Windows component "Win32k.sys". An attacker who successfully exploits this vulnerability could run arbitrary code in kernel mode. The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Exploit:SWF/CVE-2011-2140.A
Exploit:SWF/CVE-2011-2140.A is the detection for specially crafted Adobe Shockwave Flash (SWF) files that exploit the vulnerability described in the following articles:
It attempts to play a movie file. As of this writing, the movie file is unavailable.
Exploit:Win32/CVE-2011-0104
Windows Defender detects and removes this threat.
Exploit:Win32/CVE-2011-0104 is a malicious Microsoft Office file that exploits the vulnerability described in CVE-2011-0104, and resolved with the release of Microsoft Security Bulletin MS11-021.
This file might arrive as an attachment to a spammed email, and might use social engineering techniques (like a legitimate-sounding file name) to get you to open it.
Exploit:Win32/CVE-2011-1252.A
Exploit:Win32/CVE-2011-1252.A is the detection for malware that exploits a vulnerability in Internet Explorer. It may arrive on the computer via a specially crafted email message. It downloads files from a certain server.
Exploit:Win32/CVE-2011-0980
Exploit:Win32/CVE-2011-0980 is the generic detection for specially crafted Microsoft Excel files that exploit a vulnerability discussed in CVE-2011-0980 and resolved with the release of Microsoft Security Bulletin MS11-021.
Exploit:Java/CVE-2011-3544.O
Exploit:Java/CVE-2011-3544.O is a malicious Java applet stored within a Java Archive (.JAR) file. It attempts to exploit a vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to run arbitrary Java code outside of the "sandbox" environment.
More information about the vulnerability is available in the following articles:
Exploit:Java/CVE-2011-3544.N
Exploit:Java/CVE-2011-3544.N is a malicious Java applet stored within a Java Archive (.JAR) file. It attempts to exploit a vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to run arbitrary Java code outside of the "sandbox" environment.
Exploit:Win32/CVE-2011-0976
Exploit:Win32/CVE-2011-0976 is a detection of a malformed Microsoft PowerPoint data file that contains a file structure that attempts to exploit a vulnerability mentioned in CVE-2011-0976. Successful exploitation of the vulnerability could lead to the execution of arbitrary code. The vulnerability is mitigated by Microsoft Security Bulletin MS11-022, released April 2011.
Exploit:AndroidOS/CVE-2011-3874
Windows Defender detects and removes this threat.
It tries to exploit a vulnerability in Android devices to gain access and control of the device.
This is often done by someone wanting to install special apps on their device.
Exploit:Win32/CVE-2011-2462
Exploit:Win32/CVE-2011-2462 is a detection of a malformed PDF file that contains a file structure that attempts to exploit a vulnerability mentioned in CVE-2011-2462, and detailed further here: http://www.adobe.com/support/security/advisories/apsa11-04.html.
Exploit:Java/CVE-2011-3544.BU
Exploit:Java/CVE-2011-3544.BU is a detection for an obfuscated Java applet stored within a Java Archive (.JAR) that attempts to exploit a vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier. The vulnerability, discussed in CVE-2011-3544, allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to run arbitrary Java code outside of the "sandbox" environment.
Exploit:Win32/CVE-2011-0094.A
Exploit:Win32/CVE-2011-0094.A is the detection for JavaScript that attempts to exploit a vulnerability in Internet Explorer.
Exploit:Win32/CVE-2011-0979
Exploit:Win32/CVE-2011-0979 is a detection for a malformed Microsoft Excel spreadsheet data file that contains a file structure that attempts to exploit a vulnerability mentioned in CVE-2011-0979. Successful exploitation of the vulnerability could lead to the execution of arbitrary code. The vulnerability is mitigated by Microsoft Security Bulletin MS11-021, released April 2011.
Exploit:JS/CVE-2011-1345
Exploit:JS/CVE-2011-1345 is a detection for an exploit based on the vulnerability described in CVE-2011-1345 and resolved with the release of Microsoft Security Bulletin MS11-018. The vulnerability affects Internet Explorer (IE) versions 6, 7 and 8. Internet Explorer 9 is not affected. Successful exploitation of the vulnerability can lead to execution of arbitrary code on an affected computer within the current user's security context.
Exploit:Java/CVE-2011-3544
Windows Defender detects and removes this threat.
This threat uses a software vulnerability to download and run other files on your PC, including malware.
It runs when you visit a hacked website and you have a vulnerable version of Java. Legitimate websites can also be hacked to unwillingly host this threat.
Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier are all vulnerable to this threat.
To check if you're running a vulnerable version of Java:
- Go to the Control Panel (select Start, then Control Panel).
- Select Programs. If Java is installed you will see it in the list of installed programs. Click it to open the Java Control Panel.
- On the General tab, click About to see which version of Java you have installed.
You may get a detection for this threat when you visit a website that has the malicious code, even if you're not using a vulnerable version of Java. This doesn't mean that you have been compromised; it means an attempt to compromise your PC has been made.
The vulnerability that this threat exploits is described in CVE-2011-3544.