Trojan:JS/Proxas.A
Exploit:JS/CVE-2008-0015
Exploit:JS/Sakra.A
Exploit:JS/Sakra.A is file that is part of the Sakura exploit kit. This kit is used to infect your computer with different malware. It acts as a malware distributing platform by compromising websites; if you visit those websites, your computer may become infected with malware. It exploits vulnerabilities in different software to maximize the possibility of infection.
Exploit:Java/Blacole.GN
Java/Blacole.GN is a detection for a component of the Blackhole exploit kit - a kit used by attackers to distribute malware. Attackers install the kit onto a server, and then when you visit the compromised server, the kit attempts to exploit various, multiple vulnerabilities on your computer in order to install malware. For example, if you browsed a compromised website containing the exploit pack using a vulnerable computer, malware could be downloaded and installed onto your computer.
Typically, the Blackhole exploit kit attempts to exploit vulnerabilities in applications such as Oracle Java, Sun Java, Adobe Acrobat and Adobe Reader.
For more information on this exploit kit, and steps you can take to avoid being compromised, please see the detailed Blacole description, elsewhere in our encyclopedia.
Exploit:Java/CVE-2012-0507.ANG
Exploit:Java/CVE-2012-0507.ANG is a malicious Java applet that attempts to exploit a vulnerability (CVE-2012-0507) in the Java Runtime Environment (JRE) in order to download and install files of an attacker’s choice onto your computer.
If you visit a website containing the malicious code while using a vulnerable version of Java, the exploit is loaded. It then attempts to download and execute files from a remote host/URL; the files that are downloaded and executed could include additional malware.
The following versions of Java are vulnerable to this exploit:
- JDK and JRE 7 Update 2 and earlier Java SE
- JDK and JRE 6 Update 30 and earlier Java SE
- JDK and JRE 5.0 Update 33 and earlier Java SE
- SDK and JRE 1.4.2_35 and earlier Java SE
- JavaFX 2.0.2 and earlier JavaFX
Exploit:Java/Blacole.D
Exploit:Java/Blacole.D is a Java Class module that is included in a JAR file. It is part of the 'Blackhole' exploit kit, described in CVE-2010-0840.
Exploit:Java/Blacole.W
Exploit:Java/Blacole.W is the detection for the Java class module included in "worms.jar" that is part of the "Blackhole" exploit pack. The file "worms.jar" is an applet that exploits the vulnerability in Java Runtime Environment described in CVE-2010-0840.
Exploit:Java/CVE-2011-3544.A
Exploit:Java/CVE-2011-3544.A is a malicious Java applet stored within a Java Archive (.JAR) file. It attempts to exploit a vulnerability in the Java Runtime Environment (JRE) component in Oracle JAVA SE JDK and JRE 7, 6 Update 27 and earlier. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to run arbitrary Java code outside of the "sandbox" environment.
More information about the vulnerability is available in the following articles:
Exploit:JS/Blacole.AD
Exploit:JS/Blacole.AD is a malicious JavaScript that attempts to exploit several vulnerabilities in Adobe Acrobat and Reader. If the exploit is successful in compromising a vulnerable host, it could result in downloading and executing other malware. Exploit:JS/Blacole.AD is a component of an exploit kit that is distributed as the "Blackhole exploit pack".
Exploit:SWF/CVE-2011-2110.A
Exploit:SWF/CVE-2011-2110.A is a detection for specially-crafted Shockwave Flash (.SWF) files that attempt to exploit software vulnerabilities in Adobe Flash Player and Adobe Reader and Acrobat X.
Exploit:HTML/Meadgive.AC
Windows Defender detects and removes this threat.
This threat loads a malicious Adobe Flash object in your browser in order to download malware, including ransomware such as Ransom:Win32/Cerber.
You might be redirected to the web page that loads the object without your consent.
The malicious Adobe Flash object exploits the vulnerability described in CVE-2015-8651 and Adobe Security Bulletin APSB16-01.
Note that you might get an alert about this threat even if you're not using a vulnerable version of the application. This is because we detect when a website or file tries to use the vulnerability, even if it isn't successful.
Read more about how this threat is being used by cybercriminals in this blog post:
- Exploit kits remain a cybercrime staple against outdated software – 2016 threat landscape review series
- Ransomware: a declining nuisance or an evolving menace?
- No slowdown in Cerber ransomware activity as 2016 draws to a close
Exploit:Java/CVE-2012-0507.Q!ldr
Exploit:Java/CVE-2010-0840.DJ
Exploit:Java/CVE-2010-0840.DJ is a detection for an obfuscated malicious Java class applet component that exploits the vulnerability described in CVE-2010-0840. Successful exploitation leads to remote code execution.
Exploit:HTML/IframeRef.V
Exploit:HTML/IframeRef.V is a detection for specially-formed IFrame tags that point to remote websites containing malicious content, for example malicious JavaScript containing an exploit for a specific vulnerability.