Follow:

 

Exploit:JS/CVE-2010-0806


Exploit:JS/CVE-2010-0806 is a detection for specially crafted JavaScript that is designed to attempt to exploit the reported vulnerability described by Microsoft Security Advisory 981374.
 
Internet Explorer 8 on Microsoft Windows 2000 Service Pack 4 is not affected by this vulnerability. Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, and Internet Explorer 6 and Internet Explorer 7 are vulnerable.


What to do now

To detect and remove this threat and other malicious software that may be installed in your computer, run a full-system scan with an up-to-date antivirus product such as the following:
 
 
For more information on antivirus software, see http://www.microsoft.com/windows/antivirus-partners/.
 
Please see the following resources for more information on this reported vulnerability:

Threat behavior

Exploit:JS/CVE-2010-0806 is a detection for specially crafted JavaScript that is designed to attempt to exploit the reported vulnerability described by Microsoft Security Advisory 981374.
 
Internet Explorer 8 on Microsoft Windows 2000 Service Pack 4 is not affected by this vulnerability. Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, and Internet Explorer 6 and Internet Explorer 7 are vulnerable.
 
By exploiting this vulnerability, an attacker may be able to execute remote arbitrary code on a vulnerable system.
 
In the wild, this exploit has been utilized by Trojan:Win32/Wisp. Please see the Trojan:Win32/Wisp.A and Trojan:Win32/Wisp.B encyclopedia entries for more detail.
 
Please see the following resources for more information on this reported vulnerability:
 

Symptoms

Alert notifications or detections of this malware from installed antivirus or security software may be the only other symptom(s).

Prevention


Alert level: Severe
First detected by definition: 1.77.750.0
Latest detected by definition: 1.167.11.0 and higher
First detected on: Mar 10, 2010
This entry was first published on: Mar 11, 2010
This entry was updated on: Apr 17, 2011

This threat is also detected as:
No known aliases