Exploit:SWF/CVE-2011-0611.A is a detection for specially crafted malicious code within a Shockwave Flash (SWF) file. The malicious code attempts to exploit a vulnerability in Adobe Flash Player that could lead to the execution of arbitrary code. The vulnerability is described in CVE-2011-0611 and Adobe Security Advisory APSA11-02.
In the wild, this exploit was observed to be distributed in a spammed email message as an attached file named "Disentangling Industrial Policy and Competition Policy in China.doc". The attached file is a Microsoft Word document containing an embedded copy of the exploit.
Upon opening the Word document on a vulnerable system, the SWF file will be run. The embedded SWF drops a trojan, detected as Backdoor:Win32/Poison.M, as the following file:
The dropped malware is executed.
For more information about Backdoor:Win32/Poison.M, see the description elsewhere in the encyclopedia.
Analysis by Jaime Wong
Alert notifications or detections of this malware from installed antivirus or security software may be the only other symptoms.
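When triaging a suspicious Word attachment like the one described above, a first check is whether the document carries an embedded SWF at all. The sketch below is an added example, not part of the original entry or of any vendor tooling: it does a raw byte scan for SWF headers (`FWS`/`CWS`) rather than full OLE parsing, the function names and the `max_version` bound are assumptions, and the sample input is constructed and harmless.

```python
import struct
import zlib

OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # OLE2 compound-file header used by .doc

def _body_ok(sig, blob, pos, length):
    if sig == b"FWS":
        # Uncompressed SWF: declared length must fit in the rest of the container.
        return length <= len(blob) - pos
    # Compressed SWF: bytes after the 8-byte header must begin a valid zlib stream.
    try:
        out = zlib.decompressobj().decompress(blob[pos + 8:pos + 4104], 64)
    except zlib.error:
        return False
    return len(out) > 0

def find_embedded_swf(blob, max_version=40):
    """Return sorted (offset, signature, version, declared_length) for plausible SWF headers.

    max_version is an assumed sanity bound on the SWF version byte, not a value from the entry.
    """
    hits = []
    for sig in (b"FWS", b"CWS"):
        pos = blob.find(sig)
        while pos != -1:
            header = blob[pos:pos + 8]
            if len(header) == 8:
                version = header[3]
                length = struct.unpack("<I", header[4:8])[0]
                if 1 <= version <= max_version and length >= 8 \
                        and _body_ok(sig, blob, pos, length):
                    hits.append((pos, sig.decode(), version, length))
            pos = blob.find(sig, pos + 1)
    return sorted(hits)

def build_sample():
    # Constructed, harmless input: OLE magic, padding, and dummy SWF-shaped blobs.
    body = b"\x00" * 24
    size = struct.pack("<I", 8 + len(body))
    fws = b"FWS" + bytes([10]) + size + body
    cws = b"CWS" + bytes([10]) + size + zlib.compress(body)
    return OLE_MAGIC + b"A" * 504 + fws + b"text mentioning CWS only" + cws

if __name__ == "__main__":
    sample = build_sample()
    print("OLE container:", sample.startswith(OLE_MAGIC))
    for hit in find_embedded_swf(sample):
        print("offset=%d sig=%s version=%d declared_len=%d" % hit)
```

A hit shows only that a Flash object is present in the container; whether it is Exploit:SWF/CVE-2011-0611.A is for the antivirus detection to decide.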