Trojan:JS/Proxas.A is a detection for JavaScript-enabled objects that exhibit malware behavior. Malicious Web sites and PDF documents may contain such JavaScript code that attempts to execute code without the user's knowledge. An example of other malware that may execute this JavaScript is Exploit:Win32/Pdfjsc.D.

Exploit:JS/CVE-2008-0015 is the detection for code that attempts to exploit a vulnerability in the Microsoft Video ActiveX Control. This vulnerability is discussed in detail in Microsoft Security Advisory (972890). When a user visits a Web page containing an exploit detected as Exploit:JS/CVE-2008-0015, it may connect to a remote server and download other malware. Currently, we are aware of cases where exploits download and execute Worm:Win32/Dogkild.A on the system.

Exploit:JS/Mult.AF is a detection for code that exploits a certain vulnerability in Internet Explorer 7 in order to download and run arbitrary files.

 

Files detected as Exploit:JS/Mult.AF may arrive in the system when a user browses certain sites using a vulnerable version of Internet Explorer. When a webpage that includes Exploit:JS/Mult.AF is loaded, the vulnerability in Internet Explorer is exploited.

 

Exploit:JS/Mult.AI is a detection for code that exploits a certain vulnerability in Internet Explorer 7 in order to download and run arbitrary files.

 

Files detected as Exploit:JS/Mult.AI may arrive in the system when a user browses certain sites using a vulnerable version of Internet Explorer. When a webpage that includes Exploit:JS/Mult.AI is loaded, the vulnerability in Internet Explorer is exploited.

 

Exploit:Win32/Pidief.C is a detection for an exploit that targets a Portable Document Format (PDF) vulnerability. The critical vulnerability could result in the installation of additional malware when a malicious PDF document is opened using Adobe Reader version 9, or earlier.

Windows Defender detects and removes this threat.

Exploit:JS/Blacole.AR is the detection for malicious JavaScript that loads a series of other exploits that are distributed as components of the "Blackhole kit". If the computer runs a vulnerable version of certain software and exploitation is successful, various malware may be downloaded.

Exploit:Java/CVE-2011-3544.BU is a detection for the obfuscated Java applet stored within a Java Archive (.JAR) that attempts to exploit a vulnerability in a Java Runtime Environment (JRE) component in Oracle, JAVA SE JDK and JRE 7, 6 update 27 and earlier. The vulnerability, discussed in CVE-2011-3544, allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to run arbitrary Java code outside of the "sandbox" environment.

Exploit:Java/Blacole.CY is malicious Java code that exploits a vulnerability that allows the execution of arbitrary code. The vulnerability is further described in CVE-2010-0840; successful exploitation may lead to remote code execution.

Exploit:Win32/Pdfjsc.EP is a detection for specially-crafted PDF files that attempt to exploit a software vulnerability in Adobe Acrobat and Adobe Reader.

Exploit:Java/CVE-2008-5353.HN is based on a vulnerability which affects Java Virtual Machine (JVM) up to and including version 6 update 10. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to a host system, outside its "sand box" environment.

Exploit:Java/CVE-2009-3867.HD is a Java applet that attempts to exploit vulnerabilities described in CVE-2009-3867 and CVE-2009-3868 that may allow the execution of an arbitrary code with escalated privileges.

Exploit:JS/Mult.DC is the detection for a specifically obfuscated JavaScript, embedded in PDF files, that targets software vulnerabilities in Adobe Acrobat and Adobe Reader.

Exploit:Java/CVE-2008-5353.XL is a detection for an exploit that is based on a vulnerability described in CVE-2008-5353. The vulnerability affects Java Virtual Machine (JVM) version 5 up to and including update 22, as well as version 6 up to and including update 10. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to a host system, outside its "sand box" environment.

Exploit:Java/CVE-2008-5353.WX is the detection for an obfuscated malicious Java class component that exploits the vulnerability described in CVE-2008-5353.

 

The vulnerability affects Java Virtual Machine (JVM) up to and including version 5 update 22 and version 6 update 10. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to a host system, outside of its "sandbox" environment. When a user visits a website that contains the applet, using a computer that has a vulnerable version of Sun Java, security checks may be bypassed, allowing arbitrary codes to be run.

Exploit:Java/CVE-2009-3869.M is a Java applet that attempts to execute a buffer overflow exploit that may allow the execution of an arbitrary code with escalated privileges. The applet exploits a buffer overflow which existed in processing malformed images or audio files and affects Sun Java SE in JDK and JRE 5.0 before Update 22 and JDK and JRE 6 before Update 17.

Exploit:HTML/IframeRef.I is a detection for specially formed IFrame tags that point to remote web sites containing malicious content, for example malicious JavaScript containing an exploit for a specific vulnerability.